{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62f60922-9686-5244-83c9-0d1a9a076772", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-soap", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6c414407-fa1d-53f9-bd33-263cced10036", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:031c360f-6e7c-5748-b330-45fd8aa301d6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbe646b2-1f12-53fd-8c81-c53880551b6e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f2f5ff5-9b71-54a5-a760-60926dff6406", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:533543b1-17d4-5796-89f2-5740b652fb0d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4553237f-4270-5c04-a291-5f5bd82ab1ff", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e373403b-5661-5d43-bd3d-379484f3fa7e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e369e68-0d73-5649-91ab-0b02a095f89f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e540fbd5-2658-55d4-8f82-9ed2fd19c438", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d190a6e-8241-56d8-a2d5-d1d160e63170", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0139a17-b6be-5075-be2b-8a0c983634fa", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a69ed81-531c-58b1-8b76-432494b227d6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65ef9691-b0d6-5efe-8143-f6a21e19e9ba", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bbfb705-345a-571c-8bca-e982a2eb83bf", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15fc148e-536b-5f26-8475-41b2991421ea", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be0995b5-49b6-550e-834e-ad424a26e8d3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f88ea26-3ec5-5772-9669-d5fbb7fd786f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-soap 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9180c0e-a6a4-5e6c-a0d0-53c1727538d8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:781ce15f-aee4-512a-992b-3314ffe799ab", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77d72e70-4c7a-5d15-b83f-ff9b64cf0ce4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ed364ab-c815-59e7-8cdb-5d90e8164ddb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f9255b4-da7a-5482-98cf-0b97931812e4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:832bac52-fafa-58e3-8add-6a06d30954be", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41bdb790-7eb9-53e6-b391-246076a66b45", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6de28c81-8b22-55e6-9a2a-25734c57795d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f07ae9be-5f5b-5738-8367-4f5a0a4e72af", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-soap 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d505fc17-451d-59a5-acef-d6e27a2aa5ea", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9dfecbb5-90bb-5fa3-a7e9-00c7056ff1e5", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0c2ea89-5a7e-5aa1-9430-475a955c216d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90a0cb3e-b6f4-5f71-bb96-2baae9badc11", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-soap 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94d2ab3c-1ad1-5f09-b1db-e6b2bee5a1e6", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18ff0976-baa9-5660-8ec8-938a98c74f0c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f571c7ef-bc67-5ecc-898b-f6e310234558", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b67183fc-1e48-572d-b71f-c53fcde8682b", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-soap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.5.9.tuxcare.1" } ] }