{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f1503fe-357d-5f81-932b-7ded9699495e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fa5848d2-d930-5d5e-95db-e8d2ebcc614b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d759d34-613a-59b7-86eb-06b71e1c19d0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2332abc-a543-583d-9906-a05cf6c8da15", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:418e0e13-1a62-5083-81a9-7adfe975689d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71a290d1-4a94-51ea-9a79-1a648e02c25e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18520336-ee70-58bb-9e15-a7af3d8843ed", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00016d89-0d79-557b-a663-f718c461c7b8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc9ae31d-3cf9-5f91-8792-6e911a642c6e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:38b2eb7f-78a4-5c6e-adeb-e46471a243b0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f81ca0f4-f1e2-5030-b538-42b42934ffbb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23d12a2f-14c2-53b7-8ec9-6ad6878f361c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4014af35-549f-5be2-ae42-2d9101b1acf4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:33384ab2-6d3d-5ded-979c-26dfe57adb06", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48f1bbd7-b84c-5006-bfbe-98e8469cb9e6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3e97005-5a59-5fd2-8203-467e31889cd5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41df289d-2f1d-5c83-83c1-020aea4e6f36", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed31ea5f-8fcc-504b-bec4-31f3a765d6bc", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0bb5d3a-1109-5dc2-93e6-ca84aecf2aa7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74ffc7a2-c376-5a0b-a531-7c816f9e63d4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a33873bc-1e45-55f4-97d1-6b230e2973bf", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88b6d917-74c5-5448-b459-d9c98ffd6fdc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a112a48-044f-5c2c-a97d-5e2cb57cd4ed", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6802068-0b4c-5a90-88c5-0732bdb95f7b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44cb80fa-df2f-5aaf-8ccf-6875a496306e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c49ef022-8a00-5b94-b1bf-e147f12e4fe6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29555852-3367-5dc1-9559-ed80582ad492", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d06efe2-8574-536b-99c3-2ca99d5cda98", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aadf1136-5baa-5cac-8d1b-6a649db8dc0d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85c36031-fb84-5131-835a-1d878a9118cd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16761799-a6d1-559d-b104-8cec49a6e08e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:888f148b-8f6a-5a71-b004-8141567d7ee7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:110b564e-e1a5-5810-bde0-30a65eec5ebd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93a089fb-011f-5de3-baeb-2059c9b0380e", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e108bac7-d538-59b6-bb76-ce809ef46070", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws@3.5.9-tuxcare.5" } ] }