{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:771bb66c-18cf-54e1-a1a9-9c924282fb01", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-security", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3e538b0d-f7f8-5b72-95ce-354173418cd0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac2f4bef-436b-5599-a93d-346a3c5d9bbc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17589345-78eb-564b-9b42-43e8a9da0817", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f32e7a9e-1e84-5cce-a609-c4c5524472f3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bcd547f-b897-5b56-80c4-bfe84cfba582", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dedcfbf5-fab7-56b1-bbc3-45820a9fd690", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93e42613-da63-5fa0-aef3-813875972dae", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36c10209-800c-5efa-a36b-0df4a687498f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d51ca69-93b6-5f8c-a822-5fb3b1f0641c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82824bc1-838b-53e9-b580-c2325eebfe71", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90896820-bf5f-5000-9cd9-45a074c45f17", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3659bf5-98a5-5d7f-a7eb-d5d852955f9a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e909213-aa23-5154-a93d-60ac51333b15", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:989c0771-d990-5441-b948-e1e30a9240b9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13361ee8-b921-50cb-9faf-bf15ae410f8e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b649d13-5000-54c4-9293-3e447b971f5d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7cea57c1-106f-5989-8204-7fc358eac492", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5102508c-f58e-5c5d-a4aa-cc2b6df8cd44", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59a557d3-ca16-50bc-99ae-64990c6cee76", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32ebaeb5-21a2-598d-adb5-00895e0f9711", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1a423b5-2d22-5e5b-a47c-d1177ef56c1d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4fa5f741-979c-56d9-aab3-f85f8de906b1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8291ae4e-e8d3-5ad4-aa57-6d74af7fc648", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:443d37c3-0790-5676-8ffb-6073fa084f2e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e0519e7-045f-5996-8082-d65985b85e4c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6581f80-fd96-508b-b613-c761587c51b7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6e97fb2-22f3-5cc8-9ed4-39e333e70911", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:308725db-d447-5b8d-9287-1d8a59de0001", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd78b91d-3210-5408-b600-1856c9a2812e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27b7a708-ab90-56ca-9e01-e43cf556c356", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e8ed241-c10c-501a-801b-9ef57e6c00ab", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0eee5c1-3f60-5f62-8bb6-a0c1d9a1bf95", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.5" } ] }