{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8bd88754-ca3c-5562-a85d-b8bf77ec860c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:19a340f2-75ee-5806-b5db-6bd3639eaafc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:090d7f92-8869-5249-af90-882832fe1e03", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3de47fef-1609-53e2-8fe5-8b84ab7f2d73", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22a34a68-7efb-5a3e-9b35-50c6b81ac7d6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98bb9e60-ae71-5090-8f57-6c338023a651", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bba037a4-c4a5-566b-959a-a8bd47907373", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05317069-034d-5d5f-b15f-e8b141c95f69", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecb8e20e-2e30-5ae8-b985-ce6d5e17cb27", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0195d63c-4ab1-534a-af37-019dfc298ad7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:732e4c61-e9b0-58b7-a1ae-e0686d2eb717", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8d426d0-7969-55c6-8d8f-3bd714916674", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4450b526-7e46-50b4-b619-c44edd4e8b39", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e389562-0afb-5af9-91a9-6414f07e69b9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d61f96bf-15c4-5cfb-a882-8212969d0dc6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eafebc2a-8be1-54a7-a4b4-7fa24d62b5c1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0a6a40b-7df3-583c-b1c6-36d244c4ff58", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5497a5f1-392c-550d-90b6-75e758fab791", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96d52222-1cdd-5f7a-8317-27e5d0363893", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0a160c1-e750-5047-b136-388ae92c4533", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7febeeed-ae18-51a3-a3be-14bf4c143b36", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd29a887-93d0-5ffa-8236-6781793ffb0c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5007ff2f-b521-5c87-a5c5-2b7c9f28122b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98a131de-34bb-5aa2-b56f-406bdbdcefae", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f068242-8c8c-5985-a4eb-a2e318966327", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:421ba7ad-10e8-5cec-8374-5b5c8eb4ae03", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88866133-7594-549a-9a25-f61d48069953", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4783336-0528-5651-80c8-6b4d97da6110", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f7cf783-ed49-5162-847e-a199a8b45bc8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddf9f4dc-48c0-55f3-baea-a47ec435e6ff", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35b48d8f-6cdb-5ab4-b850-27a700fa8766", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec181fd9-085a-5de4-a445-efc70bf665d4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a69570d8-4375-5b90-b84e-b48333ec4ed3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f836445c-8534-529e-bf48-404eff70066c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc628a75-8942-558b-a9a2-950f0c6bf739", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9.tuxcare.1" } ] }