{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a74c750b-336e-5577-8ea4-16bdc8755a90", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-mex", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4107055b-7f4c-5934-ab58-027780e4fadd", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd166246-fa98-5ca0-bd38-28654fbe34f9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:377b8e16-5841-54fe-8b4b-e386723dbe78", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60a97821-b0f1-5134-bf80-6b9bada327a5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc392ea0-2a4c-516e-8fcc-04f5266a2dd6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89d1263c-49b3-58db-8bbb-ce316bc7cd32", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e656e28a-bc54-5a87-898a-c7be705325b9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38820567-a724-5fd7-acda-415ff965b0e2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47dab1cf-0308-5c0e-b432-a48e9669f6ea", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5212f51-2e0f-5e24-ac3b-ee597a22b7fa", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57668d8c-6df2-590c-baf7-88b349015862", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e6f594b-d377-5918-bb83-6703d148d8a1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28d35461-b3f8-5ec8-af95-89a3c272ed6b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb0a4c65-ab1c-569e-b68e-25211e697355", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fe034fb-e98e-57a7-b6c8-f3c74e4bdb2b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b0aecd4-51b9-5740-9381-45bcc52ab48b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d36fd427-31b3-5f2a-97e8-c4be857e4051", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2a609e2-0c83-50f1-89f7-af092d3ac90a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e23190b8-9d18-570b-bb92-4505a05c9e89", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56f0a261-d3e2-5d46-843e-0cf2200af239", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34e21c86-2346-56fa-bd24-49ebbb57ed57", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:736e13df-980b-558a-89da-02782a9cc1dc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:417c8f46-56df-51e5-bb45-a6456ba52076", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09cb0a01-9f31-512c-a486-962d144bcd45", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb5e0dbb-9b04-5bd7-beb6-32dfc92b1714", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3387bf9d-0ebf-5487-a3a9-53f53a25210a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9be0d35f-280d-5c9e-bb88-f38fc5e95002", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e15167b-5f0d-5895-a125-681dfc620772", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:715c879e-769d-543d-b7d4-2671061f2517", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2741b77-3e3b-5525-9a3f-bf0757519f18", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-mex 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:302758e1-8c67-5704-bb1b-a1bac8c5e9b2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b240a242-3578-53d4-b71c-8667f45671c3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8215b819-98e2-5540-b432-e970e91f1556", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:702112f7-bbf7-52ed-86a1-ce12120fa3a3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-mex." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.5.9-tuxcare.3" } ] }