{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed8f74e5-6553-5237-9e99-4315c12733db", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-security", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:92073f74-f479-5004-b7a2-265825d34e25", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1116fb40-8d05-51a6-89f3-9f82e116c5d1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e92b3f7d-6ed4-5377-aacd-1a1278b158f9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:619d2cf9-9da7-5590-83a3-f8372ab89798", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfdbb82f-d23a-5acb-8f5c-6b5ab2509c97", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aaec8cd5-3255-5ed2-a794-1dbfd93da877", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f06e9b9f-83da-59df-ac90-22864ee40a57", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22fe33d7-b4a1-5a24-9ee6-c82361026c65", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:079e0580-54a3-5bc9-a427-a882cadbbb10", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e8e315d-1c4c-52c6-abe3-75513f18fc59", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e18d8c1-fb39-5ffd-b846-7032d5552e64", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4f6e3cb-0cd4-5d52-9eab-6549aa786dd6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db574163-570d-5ffa-bf92-3ff986913bec", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:133fcda4-e72a-58fe-9091-ce278f35b415", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c18217cb-0e3b-55c0-ab2a-b2749523a577", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f203473-22c8-5cac-bd42-eef4e121a7a6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eda34c15-3e5d-517d-8ba2-00aa8295babf", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe207d00-e0fd-5082-9bdf-62c121b9dfa1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38c02180-cc35-59bf-99da-985d53ad9503", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cdd658f-8e63-5452-9061-77efafa048ca", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94d5ef25-b871-597b-b83c-231f3d48aba1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b16434e3-e612-576a-a687-408ad763b434", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc334df4-15ef-5dfa-bfb4-c6b5df6c9df0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07ee8ac7-aaa6-51bd-abe7-a3ead2600feb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3c2c36d-95da-5ccf-b608-01e1022286a1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbf6cb24-084c-5b47-9290-acaa77fe0163", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cad8e8f0-c6ac-53ce-bcec-5f29a39b53b4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdab5d26-263c-555d-b795-b3ee990fc5e1", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac9c6e6-4993-5f77-b601-d93867da93bc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f44126d6-e592-54bf-9df6-69b8ee4a220a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:577e41c5-0062-5ec4-9ec1-e266e5d57b86", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05d44881-1936-5112-b952-0d4278f7af06", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.2" } ] }