{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b3abb1d8-835c-5437-ba9f-75ea35417969", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-mex", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2f781c80-dc40-5c45-9def-0cde2f5951e4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a74fdb3-098f-53ac-b7bd-96086a7c02ca", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18a0d0e3-c429-5b61-9924-9489b83bc365", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dca40fa5-8ba1-5755-bdd3-cc112d29bc3f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bac9d1be-e9bb-5834-8092-55d410ae7782", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:996924be-823f-5d54-8b52-bcf65c4067bc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac2ba3fd-6fa6-554e-8811-86b1f5211017", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3745bb1-2c18-5cc3-8453-447fe535c9b3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e270b693-f9db-5b35-87be-8f40be5abaaa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13d3c460-3355-5811-8020-389112c3c774", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55435ec5-b87b-52c5-9279-b2e0e0947c64", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fe8576f-5f4f-529e-ab22-ae6bd8a4f510", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f84397e9-1bda-57df-9ac6-24d8b60763c6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e970b10c-1b9e-5bc8-abe0-14debe80fa98", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d76359b1-e10b-5f62-ba75-dcf0b6b7ec9a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:862fe7b7-9bda-5a33-b817-d2d279769aaf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0023374e-5df2-5378-92c2-d8f76bc54337", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a70593f4-5275-5ebd-8f99-b54b72d567bc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2db48062-ef9c-53ed-9ac0-c3a1d32c78b4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0263ca9-8173-50c9-82ed-5022d49adc51", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e17bc4ef-5f32-5397-a7a4-f49e27cbb668", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4154834-a57b-5162-a850-45e078c32552", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bfd99f0-a581-5aed-9b7d-33a641d0102e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a505e2d2-1c1d-5220-a1a7-2cf6ea0417ec", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7d325a5-9e07-5f6a-ba36-7e660889cd93", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18bbb696-65ea-53ee-bc7a-f483ea6dc4ce", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d1bde6c-d732-5948-8e2d-5e1c65a62363", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee1491b1-f3b2-518f-82de-a8370fa78486", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb3c2363-a852-5850-b1bf-8fb0476e3695", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14fd3e30-a708-50a9-bbd7-69c250b8d6a2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea25a238-c29b-59cf-883f-a884f9462aaa", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1866a3b4-3b05-5572-a626-f498b001a433", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be3a4253-e93e-539c-b402-83c5f5752156", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efe004f3-f840-5b02-913c-cb8107f76402", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.2" } ] }