{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ffff8d7c-0939-509c-930e-9a3494dc417d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-policy", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f9dbcab9-3185-579d-be5f-75ea99b721e6", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d875ceee-7674-5fe7-afc9-3284a6549d59", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:efe38915-e1c8-5a60-8be7-261b0cd6ed9a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d85cf50d-0c5a-52ed-a4c2-bd92b8fcfc92", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e72b355-bfcf-5e8f-82fc-a3fc11ce7ac2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6901282c-5de5-5b76-9b8f-e9d77a73ee10", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d6a4e91-6a05-5a7b-a604-d55d620f2b65", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afe8feb2-f6a8-5183-8bfe-c43c01341872", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d2d9104e-11f6-5f82-8993-784015345afc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b0acc7f-0fa7-5f3c-b3ee-e1a2574cf8ad", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98a8b149-6da2-5e18-9310-3bbc84d67a2f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98e4215e-a38a-5c8e-85e9-f7bcd268d119", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18b741ca-f0af-5356-9f0a-53d2a4611256", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d72dbcf3-f435-5b58-beb3-dcdbd6f26929", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e69b2770-2532-5fde-a2a3-60f160b2ec27", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03d6cb3c-6ebf-5d27-b40d-3567773201a0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1bc7bd22-ae55-5f05-a3f5-a18e03e8c037", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f70c658-4501-58b1-9d77-1823cb1c1c98", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55085e46-d3c5-5b63-9499-75d5a1b4b6c5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a42f479-dc91-5aea-8fbc-2ff783a26e7f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da2bbf79-5a41-5347-a20a-c583b63452d4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7dd38fd4-af53-52d7-8283-0137860872a9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ceb855db-79c0-5141-89a7-05aa591e55e8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d52ae2fd-9a6b-5b1b-b314-161694c8a8ac", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63eb4556-70a7-54e7-b988-a3f9d95d4824", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86a49d89-2c46-5533-8f04-fe2f4cfc87e6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c84cd4ac-3f07-5b44-91a9-c190f09e749d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2779c06f-efb6-5179-aba8-1d52aa70d947", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:badf72a0-33bb-5d15-ad09-1d510b667c79", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89806de0-a001-5c64-9a29-7c41eaa40f13", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-policy 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4179c31a-a311-5c22-a8a4-fb5ebc1b83a9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d6617dc-d47b-57ee-9951-6c6aaeaef691", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5408b20-ddb8-56c1-a01c-cbef68ee0f49", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbe3d89b-d9b9-5280-9396-30e2e88d0ddb", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-ws-policy." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.5.9-tuxcare.5" } ] }