{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:95502a3d-1bf7-55da-bed6-b672159e3e44", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:75f301f8-9cff-51f7-b2e4-b22321faf7a1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:956061ca-2f8e-5093-a5ee-92754dcaac75", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e441ecc1-60cd-5cbe-846b-dd50d503827e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10e84a5d-1f15-58df-8034-e5b116ae6a7f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cdef0c5-b0c1-56eb-bd4f-32116be150f7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d9ae2f8-739b-5318-8d1f-86538082eb18", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9227b4ae-cf66-554c-b839-23ad84f7868c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8bba48a-fd00-58f4-a0af-06edfb8806bf", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d53d813-fae1-572c-94c4-dd6646fce0c4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a34c88cc-e14f-5dce-9031-6ffff6e61d32", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7443b761-f696-5a62-8258-bfc9ff165058", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca919427-b6f9-51ee-9212-5a3d53ebc6a3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a140375-08c4-5e29-8be3-d059eb26cec8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5bf7b2d-7c22-5c55-9dee-df79735d875f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9579fe3-e7dd-5d9e-b7b5-0e1ab9f132c0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9c55317-32b9-59a7-81ff-5ddd657dbfb7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d7d913e-ec80-58ce-ab92-dbfb71d1d850", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bed1727f-36bf-5b8d-ab74-fff1c4288507", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7739362-4815-534e-b1a0-921b5d432b7a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3a46b44-94ea-56d9-b20d-cd3d855e80a6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff8763f1-b4f3-56e6-b3aa-3fe07e6ef376", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da42ec0c-2bb4-57e6-a8f8-ae6e2b55bd17", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:629c0cd8-b923-589a-bef2-687d3f087375", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa6fbd9b-0a2f-5ffd-b94b-44a9c9529d95", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3108676-9cd6-57a7-803e-0f33fa1e76d3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e70f8e89-dd4e-59a3-a096-1e53fafd87e4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17f07870-6b01-522f-9753-474a9ae5b971", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75724243-18d0-543e-b16a-a871241d7e82", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28477ef7-a4f4-5b0d-aa3f-8ba68f55fecd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08fa514d-ef97-5701-b5fb-d6b10b5b2beb", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9feacc3-013c-59c8-a841-34ed3f485537", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3eba173-b6a9-5d39-9bee-f6a8c5493465", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.2" } ] }