{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c0fc3e64-368e-55e5-965c-46915c8d2fa3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-wadl2java-plugin", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f53294c4-bf30-5391-9192-d36a9c08fec2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b358c471-2f96-59ba-82eb-04252c421add", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f880133-316a-5f4e-b65e-dba1b69d7d76", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9701c4b-1bcd-579e-a80d-775a5d9bd4f5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c77051e-728f-5d28-8274-5c6dd1f598c4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:413899ed-eeec-5ee0-b843-b8eea1906d43", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b45d559-e12c-5fe7-bb0e-a9660ff8b7fe", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e6f5f00-bf0c-5b93-844a-8a3f99544427", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db376b8c-77c1-59c7-b535-3093d3e06997", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:039c539e-4162-5890-a555-4e252d96f074", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91347b18-cdee-5572-91f2-4ea7dc01b054", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5d90444-cd53-5acb-bafc-f5c9206ca5e4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da663e23-c14c-53d5-aeee-6eb46eb747d7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58efaa61-d344-527c-a1e9-3f46516f1639", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a4e4537-a4fe-5938-91ed-cab7ad900da8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e549ff2e-025a-53c8-88e1-63d90f4268a5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfcaf983-eb96-5131-b911-fcadce3b5b22", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a1afffd-43cf-5182-9f93-24c09a2c21c9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e46a3166-cf8d-5f1a-a27d-1b8058136293", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:338aded4-8ea3-5cc3-b434-fc403cd41673", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36d3a737-1964-56a3-97ed-db276096db3f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63e7d66e-f5a1-535b-8478-039ba06d7d36", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae22275f-7ad4-545c-90f7-ed64b933ebf6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47a9dbfc-4335-5ff3-b2f4-dcd40db11814", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2508e1a9-03ae-537a-8eb6-3d04fafe1443", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01a0c16d-7d94-5f7d-9fe1-b80ceb7170a1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:baa090ce-5a0a-5e20-a0e6-d218526b039b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b21b0c03-4e49-5af1-bfe9-3a6bddb190cb", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ebfc2d8-8945-5e6f-a645-51ebfd0f20bf", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:213094a7-0eab-5056-a817-411fb012a3b6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-wadl2java-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a47de3b-52de-56c1-8bf2-c45669efeb14", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c063c57-e5df-5536-a8fa-c97b416ef76e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc3cd432-6de9-523f-b4e0-68b35493f166", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd129b5f-ee9a-5f2b-bdd5-1ce25125f274", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-wadl2java-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-wadl2java-plugin@3.5.9.tuxcare.1" } ] }