{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de7d27d6-ce4d-50bb-ba18-40f7108d0be4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-policy", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7008a39f-af70-5de4-8736-b4dec428d085", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cf87176-476a-5633-8886-b7e99b8d7580", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8aa3d8d8-d044-5140-be81-df4cf2e88eb2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ec45868-20c9-59e7-9052-d0d03a215bdd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88dc07f9-2e68-52ef-bb94-18fcfdc7a9bd", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a71a51c7-b06c-5b9b-b04c-be55c60da5f6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72285a95-3c41-50f7-9319-d12a80cb16da", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a72dda6-f256-5f3f-9a6b-8075224cdbc7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1aad4fad-4723-5193-ae96-f2122d211264", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7948aa9-8745-5dd7-b726-b09929a1999a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d03c504-857b-5187-bd17-f9998fd1cf5e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68f28128-9c9c-598d-a2a0-25d32bf47766", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35f48e22-7419-5320-adb8-910ee3e6e20c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e9e3eed-5517-59a5-89da-5c4f9f6d34a3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17a0899f-21aa-5154-b9b0-f931fd994386", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a995a867-1004-50f3-a013-886b6bacdd6e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78af0ec4-fc16-5fb4-b083-0b94bb4cc416", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9711381c-af5a-578e-ae94-9f526a9e007d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b8d7873-aa73-507e-8f9a-4e99f608c3bd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50af225c-4feb-5a05-9e2e-e14ffc0d8471", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0460894-77ce-5f11-bec1-74a6eaf59cf8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50641bd6-6a28-59f3-b873-d1a1b7ed5fd3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:084cb96c-ccf1-5bb1-960e-279fea4d5246", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edc249ca-e872-5ebc-b74e-bdd1d0559151", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:816a358a-edc0-5ee0-bd97-6b460b835f40", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:977479b8-57ac-5f89-adab-181ba8f61540", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24bae3f8-9a75-5245-a34f-aa3fb10d65dc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5a13112-4746-5eb6-8f6b-38abde862224", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbcf9223-4282-5894-b34e-7d69d993d12f", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88cd64a-f19c-57af-9c9e-6ca8eeb21bde", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bcaef6e-cd39-5efe-aa66-36d358da8ef0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c703eafc-a894-57fc-abaa-38ddea5a9c39", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.2" } ] }