{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:266e7399-cfa0-59d3-a6b8-faa0aa1cf7d8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-addr", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ad44f5b-a288-57f2-9e07-1a98ae0feeb3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87895a9e-3169-5c52-8220-8c9c602fbf64", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b505f37-19b9-57a1-bf2a-1a091f9f00c7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6069bd0-2540-51c4-ad7c-2e999db9f202", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fff965e2-cd76-51c8-9304-e92baef3a22d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad16c1d4-ba4f-5bb1-948f-6886f242f5ef", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf9b1fa6-4e05-5133-9595-f1db0ee93a1a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46987d6c-d840-569d-b97c-6b3f3b915435", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e541b323-a2a0-5774-a4fc-c2eb01ba5fcc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05ef996e-9b04-5d9b-906c-34b2fd22ecc0", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75d64c7d-5b9d-579c-a794-efae12fd7140", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2078ee0-2ad4-521d-9856-df0958cfa3f6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47757588-ff67-55dd-a31c-d1c848956c07", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c53a829-ffe5-5c28-a804-ed6a8c9bbe9b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a631fec-d13e-5f2a-ae3a-42251dd44ccb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ed70de0-400f-5b91-8531-e5e8355d8eea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5db702b2-0826-5b41-9c0a-c18363542257", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51415db6-a767-50a4-90f4-f6f5ff827660", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66dc5103-6725-5435-91a3-0e0851801f53", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b755825-3a66-5368-ae5b-76a21ba3b7e5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6f3b000-88d0-5d5f-8072-1f912a4cf290", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6299a502-595a-5c1c-9ce3-3ab00cd569ca", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e6e0e73-07e0-5aff-aafc-5d764c0fd152", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87e849b8-f363-5c3f-9856-afdb2f5e0b46", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83e94220-5e02-5c21-af9e-939a6788d088", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84ab780c-8c60-56f8-98b7-b6d90999fdda", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc4241a2-7a53-52e7-aae7-d2a855dde0d1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8581c31-a0d4-5598-92c7-ad0f95c550f6", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ce5740b-b9d5-56ed-99a1-2e4081f417eb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d7dbcdf-6658-5cbb-8fac-052cf746af35", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe1f4ccf-44d6-5eb8-87b3-2424305201f8", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ce2fb65-99e6-56a3-bc81-a8f86d3d2426", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d05f8afe-9a37-52f5-afa5-fe01d689dcd9", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07b8c7d5-aff3-50c6-9fe5-df2e35eeb01c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9-tuxcare.4" } ] }