{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:06f712ea-2271-5e3d-8df7-73af3c17787a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:66355fc8-e94e-5a8a-8598-53701dba31c6", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b17fa077-e12d-56a2-81fb-bf270b50d016", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d89fe9c3-2a29-5d73-8932-59490883cc18", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98ef1d7d-71b2-5f68-9872-798a08aecbc1", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:592e10b3-2e6e-5b9a-a85c-9520bf492cfa", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7257618d-d35f-5813-9439-c1df56d7b272", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35c3793b-37a4-59e8-b5fb-83de75250232", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22148f5c-25b1-5ea3-8755-d25cda239a18", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9cfb9f10-6c50-5bcb-9347-c426faae82f6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ef6ac0a-70e1-58a5-af89-411f5ced2e39", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d96cdb8-06ab-5a18-8469-b2825d0e95e5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:587d7818-575f-5915-8d35-0acf5311d26c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1e239f7-fce3-5640-a6ec-26fda5a0439f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f6ff9b3-a1f1-5350-9fc9-bc28d77a041d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fef52b8-5992-5252-b474-386a936bdaf2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d6cb1af-ed28-5516-bd6c-25adc9bdf877", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bffed460-d5f1-5686-9835-164f90e8db88", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c24a414-edb9-5aba-8808-2e8d48fabd9e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:801b7f80-448c-5650-94ff-c6694d233a4e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42fa07e9-e664-561d-81da-7b99dbc64510", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ca8d4f1-e587-5a40-a5ab-860f71c64ce5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3564007d-4abd-56ba-a870-c5f8d03bc2a4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b28ee8ef-6289-5632-bf52-4ab01eeb843b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22ad0cc7-6621-5a53-9756-e4ccffcd8fd4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69031444-7c19-5c07-aa85-6496e48dd373", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb50ca69-89d2-5cbc-ae9e-6526d671eab3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d23d1811-024f-525d-9af7-056215878442", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:010dc6a7-6a97-5ad5-a27e-5ce4e35c12eb", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ff3564b-7854-55bd-a76e-795735439dbd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4be114c5-f932-5cda-a39a-9d0447f69bc1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1d2628a-863f-5d52-902e-ce138fa9c4b9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90d7d021-744d-5e8a-bd70-1be5eee05411", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.11-tuxcare.4" } ] }