{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bee8aef4-4eb0-5f20-adb8-02f3daa586cd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-wadlto", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0e28434b-dbbb-5da7-b55f-683fad07f165", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26e3c1d6-cbd2-5c4a-9003-f12b992b4bfc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df185444-0c52-55d2-8a15-4cd9dec4d4e8", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba8a477e-cb0f-575a-ad50-a16195a6366d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74b800fc-71e9-5869-acfa-618f550542b2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e99c4147-fcb6-5dfd-9f54-a434776d18e9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7608b406-cac2-5f17-9487-dda8b529952c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82cc1d4b-536f-518c-83db-2cb8bec6f023", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24258c8c-93a7-5848-a185-51b1659538d1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:868f600d-6705-5e1d-a39e-14df8e881c47", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b38872e-c5a8-5d53-a07e-68e419a5f56f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68470280-6efd-54ec-9eae-5003933e54a7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03a6bf96-1fd2-5371-91ef-bd5768b7975c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7324a253-3513-5eb4-87af-9e32b720db68", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75be9755-ce28-507f-ac28-9b5ad16e113d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7014d153-617e-5581-9f1b-b2ee499c6c3e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:214220f8-c2f5-5737-a09e-1ea6fea31c66", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-wadlto 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6202816e-3b05-5257-b204-13053b4b0b66", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:601fafad-a6c9-59a2-91bb-442cd28991cb", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27f1921a-f544-57a5-9801-a767eb76eda9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c2e569a-dce3-574a-9329-d1077ba253ee", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:932aa584-dac0-5fa1-b2ac-9a74e69c203d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f745d39f-fd5a-5120-bbe3-e1650fc4a223", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae8244c-1a29-5e71-9125-f836550a3d10", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75400002-1aae-5f75-9e15-a5a19dbc4fa3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ec7e804-46d8-5245-90e2-77b79915700d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-wadlto 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b072fcc6-40e6-540f-836e-06eb60bdf4c1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a704cff7-7832-5602-9b24-84fddf49033f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:746e6de4-3d25-567f-8bb9-d1acba0091fd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de316892-dcab-5a53-95f6-506eb9f808a7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-wadlto 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df4c0429-c9b2-51f5-983c-aa80cada0bbe", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ed6d131-57ef-5215-81a9-11db10e723e6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04a9001d-5fdd-5e98-9bfa-cb644ae6aabc", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d28330ed-ea3f-5559-8ea7-4cb2b3cfafdd", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wadlto." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wadlto@3.5.9.tuxcare.1" } ] }