{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:72026824-4155-5e05-9d14-b0955b786255", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-policy", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7d321b26-2028-5992-8dc3-e5bd706ab406", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:20835818-73a8-5663-9b9b-73bff5659960", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc66d6c2-097e-5928-b855-9494faf34b95", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2471fd9a-06d8-5647-a189-401e050a3876", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b30e2934-ba8b-5f8a-8bdb-7b9a042cd7e9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6fd8314f-2b9c-535a-ba0f-ee1824aeb757", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:be0b2ccb-4ec5-55c0-9daa-d922dc8afb51", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9d5dae26-4ef8-5d78-a747-a25e4db6e2f0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:99d92cc8-406b-54c4-843f-5802e7564bab", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:15ae6889-0174-5ad8-a6d5-8ada179a9605", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:97cbf581-a4f9-57c6-a358-e72366894db0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8f3a97ba-3f3d-5bf9-82ce-265c216ed5a4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:18b2b0cf-f4a0-521d-b345-6ef72c29a741", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1bbd1a8e-a97d-57d8-aa10-70b6f27d4771", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cf22c733-472c-57e6-a027-1b6c699fa5b5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:45bfc712-3795-570d-9f21-316ff78af6f5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:543a2c98-ef52-59a7-9e39-679fcacc0c54", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4e9bda3b-c1a3-5618-9268-323b112be40e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b797dc14-4a42-5c30-b971-6eea2d0dc496", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6097a0b4-16f8-5d27-bbf6-7122fadc010a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0613335e-5091-594c-841b-5c741cfb5240", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:550f41c0-6349-5231-b806-5440a777905f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:587de521-1648-5fd2-a547-d72df6512cee", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:62e238ff-9785-5675-8e66-e209ba2ffacc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:71c610e6-fd03-552d-bbef-a14f8448ed02", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51a546a7-78f4-5039-9e7e-1a0a423f3a8b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:29c8998a-fc49-5c27-9013-c592e2a87c5f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f2775c6-7f49-555e-9106-124d89e01928", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0de0bf28-c5f2-5fdf-9f10-d553839304b8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cefd2424-f71b-5643-9983-ca9d73c94068", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e5e12586-fff7-5077-8059-1a91d4c67439", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b98582af-b7a3-553e-9889-bce384b28c19", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.11-tuxcare.7" } ] }