{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a39a92a6-2371-5e0f-831e-ef6c7d86efe9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-security", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d12c5c7d-44c7-58a4-a61a-92da7dfcb520", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:778666d5-9989-53a1-9f47-390286da300a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9ccbe23c-73e1-5f06-b508-0f8abea6f8b1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ff1f23fa-5a1d-5929-9b83-41df42aabb3e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1b7517ba-7007-5b3a-94cc-009e1a0da127", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e5792564-9482-50e3-95e9-3d9c38a74a3f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e6b3c66-4f87-5826-b9a0-9399fbd4be72", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82d23d41-9526-5478-b3c5-8c7720d4e5bb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20118f61-1a11-51d1-b680-07170f4ded40", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b44f40c0-28df-5c5b-858f-8f0eded6f9b3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a005b2e4-a464-5b75-ae6e-48fa3ef687ca", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a6517a5-a930-5f34-bede-6b63db6a3490", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f83cfcc1-3c4b-57cb-b362-0b03a97e1ed9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:28a93d89-8678-586b-b529-b836db9876b7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7a31c5a7-b684-51fd-a6d6-744e01d2a798", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:70a32383-e852-5507-a299-623cdaad1209", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bbabdd7c-ed1a-5270-870c-96624745e2f0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c4214788-fa5c-5757-848c-74318661d0e8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e77ee99-1162-50ee-917b-38891dcffcf2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:24b8652e-0f78-53f9-a0b2-ede7672e249a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a68b5071-3f2e-5fe2-b4b7-f4fe250ba1fa", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:89599a5c-32da-5d15-a467-9533f68bc05c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:676c46ac-82c3-5678-b5be-0174367b68f8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1f5a3c11-5bd7-5c56-b226-56fabe391362", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9ff2e502-61bd-57ab-8011-d92459a2a304", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6ff0598b-20ab-5e49-98fe-f7283341a6b0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:46e9340c-157e-5112-8bd7-ea375e63768a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61d82f92-77e3-5b90-968e-c6f87015c9c6", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3d6b6d22-c8b7-5c6b-a8a2-61ee1246067a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7adc77a9-7847-5e98-9368-f508c4156103", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:937a443b-6eb4-5f4d-a97f-a4dab78f7646", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a160653-b816-5012-83f5-49679ea4116c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.5.11-tuxcare.6" } ] }