{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ca6e355-1c57-5a59-879c-053e736894e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-wadl2java-plugin", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ec3f9929-b4b7-59e6-bced-c6396e6b36d7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eacf5394-9117-5ee2-add8-6139a61b6877", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81733435-bfe2-545e-9115-536af1e0a633", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18661603-039b-51fd-99b5-ae5873278fd5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cb0fea3-458d-5eb6-bc0c-43a98a0938a8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be73166e-d908-504f-9451-dd456393b900", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f53f9bf1-bdab-5b70-8441-b0e94516f956", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7194c8ce-4056-5d42-b922-852cbb5a3aab", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6472f150-f0f2-5930-8998-45121c52abeb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca0b5292-4c28-5d8d-acc2-5d94e80e47a8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96f460c8-ebcf-5c0b-9830-c626feaa8aaf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e649828-a6fc-57db-ae6b-40725d748632", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b315c490-6ccb-5864-bae9-d47f0525ea03", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81a9d4fd-f5dd-557c-82c4-4fbcbf8ec98f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6a392e8-f43c-565a-992f-b3e8f2ef5895", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f32a778-e203-543f-8ac4-15579abc2497", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebba4f56-69bd-5b23-bc0e-8d83c0a2ac0a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e66eba3-1757-5214-9537-38d318258248", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e123302-bb46-5349-9141-84ea9c3d725d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56c5b9e0-758c-5825-adce-5d0bdcce610d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77038263-bf9d-5c2a-a878-df52ad3b8fa2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c028ce27-69f7-5a2c-89e0-1fa97d65aa6b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4771b15e-ed3f-513c-bc58-6364c6b016a9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b001fcda-3f7c-5b1a-817a-f3b9e23850da", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2aaad1af-a43b-5b5d-926b-9cd003ef8d39", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbdf4471-3ab1-57f6-acb0-d167e47bab3f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aed4bac6-864d-5de7-83ae-ef24a69a2793", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:903f294b-1384-5004-912c-76bb76cf9d15", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:078b85c1-c5c4-5343-9779-1a3c6da67b85", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e946a48-07c6-5a37-9ce8-10f9cf4b4694", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f8b3fbf-0a7d-5828-ae3c-bd1eaa0ba08c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07c42af6-2725-5128-bebd-7919915d91b2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed4a8558-438d-5628-a69c-86b28254c9e3", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:711a0534-bddd-5ad6-b40c-6e833a1cd29d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9-tuxcare.3" } ] }