{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ce44a66c-54fc-565e-8338-184f9f54db5b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-policy", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c6897622-4986-5829-96d6-9c20fdd78844", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc6fa073-c3ad-59a6-bf91-117f5b6d8c7c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b5e7f83-3448-53de-8e96-d212c2b2fc08", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ee5d440-1191-5326-9aa9-a7b954beb782", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34612c15-ddca-5f18-aac5-f1b6d1a77d48", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56f0b0a3-4d70-57ce-9813-6b08bee9e843", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a2f0fa3-63c3-50b6-b2a4-036b0cc59bcd", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de50f96c-2da3-53d7-b5ea-5cbf25ce79bf", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4a9c787-454c-540c-ae28-a3edfc5ac491", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0816b59c-3dee-5574-96a0-1203ab231f4b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f4dd545-48db-5440-9499-8aaa70230d6c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c0c2f60-a86b-5ef5-89d5-7d37825a9aaa", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99ee89e9-1f4d-5fd1-b1d5-93ab24c933f1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:387ff32c-8dde-5e48-a514-1f3c18c5cc95", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ab5d1d3-fa36-555d-a2c5-f310ef4b8d6d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:027c02bd-cb98-58ff-b292-12ff51ab977c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcd0243a-57ce-5a5e-b27c-113aaef481dd", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ba99f82-b551-5e14-bb14-f11a0be36e63", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53600b94-f083-52ac-b87b-7b955585a433", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0162afa0-6309-501d-8482-224222e54f6b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7262a65e-e9c4-5d8d-8ace-8b57d55b3ca7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5fbc7e2-26d5-52ea-aa63-58ab7b84522a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a680132-48c6-5bee-9bc9-f36cdcb63a72", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:749d550a-94fd-5754-871c-9ea2deafadc9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbfc6c34-32f1-529e-baea-06cacd26df23", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3ea9114-36c6-56c2-af51-1cd9b718c16d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6092edca-7125-55e9-a171-9bf632905775", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5dca4cd-29ef-5cd2-9887-91434b6dbbf0", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aad8fc83-37fe-57c8-9b7d-e87d6962ce97", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15005148-b57e-581b-9180-f0572166aa99", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f65d0584-89ae-5f50-b156-4483a6c31d89", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dafb84ec-51a4-5202-8a12-4f3f2444a719", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.4" } ] }