{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62078de3-afe8-56ad-8c6c-dadddfeedefc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-addr", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f28a113-a7eb-565c-b1e2-26fd65e0df69", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50e6f230-8db7-5f17-afbb-7c70bb251ff8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6531a5ac-6025-5d32-b48a-a2d452cc2682", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:205780d1-e603-591d-986e-701b586fbd40", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60142173-1c4f-5d1f-9efd-743edcd899e0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c2f6df3-3eda-5a86-bece-eed0bcdbb86f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbe25918-8a04-54fa-8709-18d0289a768e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cfb496d-56ef-53ae-83d4-8d438016a33f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:139ed26e-334d-5e81-9ac6-6adb4ff40e89", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f69b99a-c4a3-5f1a-b42f-f280a0e69189", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b739084-98ba-5163-8573-dcec7b0fbaf2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a49b4bc4-8965-5534-8d01-5ebb89a8bf29", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f2a18a3-c1a0-5146-9b07-826d2e00f356", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:235b78f8-d5f3-56b2-bead-64b6fd0403e2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6537b24-9d37-5aab-b681-5c96fcd6ee94", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85a83b6f-2fa5-593f-bc85-23e3b4a8c773", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16aa7919-1cd1-58d0-9425-22ca53a497bd", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:088b7f8a-d241-5641-8934-08ef34257abc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f34aa082-9de1-52b5-99e2-c809623cf6b4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13359b77-5241-581e-91fa-ea027b1ba67f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:781ae054-7731-5887-9326-a6ce28a664fd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e91800e-46ec-5b12-98e9-63e9b1e019fe", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3272e5b-becf-58b3-a128-0ba335157b04", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aefd9683-d01c-5ca2-930d-c53a7a29402d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dfe432f-3e53-535c-8b66-55cd116c5734", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfc02d89-d785-57ae-8d98-99592d1c23f0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e278797-74e5-5b51-9317-4db8f60e8d4b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f15ce03-30bc-5035-8a9a-0db5e0b59b79", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:739e7caf-414e-575c-8588-44f08dfdc726", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75e95825-ad4d-5b53-9893-f0e2083cc5dc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-addr 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e41e47ff-0759-5636-9acd-f3f830902ea2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56fe9b83-b707-52b3-a368-ac408e7d7ab7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38dbf982-f62e-5f70-aac4-bcef449f5ae8", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1867bf06-9c06-521d-abc1-7af2de4d7ec8", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-addr." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.5.9.tuxcare.1" } ] }