{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90bfb3ac-1658-5260-94d2-34bfd1b9f76c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2ws-plugin", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1408b972-b4e9-5ebc-b763-1c502ef72368", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfa521dd-a84e-5a8e-87fd-7c4f5703b9b3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25d9ed62-ee51-5fac-9ef2-dc07f7709cfd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f58b30f3-0489-569d-88ba-ca421fb5f4d8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1eb9792-fbcb-5a79-9792-dae19c6b4d94", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1759d366-cc20-5121-9ce1-9cb37ad7c5ac", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a98470b-93de-5b76-bb3f-9b8322c911f3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c454299-bb1d-511e-9842-1e6cf04b402f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:883d4f0a-89b2-5fe5-810d-3cb4c57d7d90", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d90789a5-b473-51b8-bec5-44f8e8d95fb9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82897330-1c3e-5d3a-99d3-1c220743b777", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e523be2e-563d-5efe-b2c1-4e5d615aeaa4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fda6385-1258-5dba-95be-4f5e32361495", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc94f025-9d34-5ef8-8a69-2bc8b9100275", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a57668b-80dc-562f-8374-11cedacd3235", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:601403eb-0bf9-5e52-8223-72b5bc8f834f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:354f5f92-644b-5385-bca8-3f2e5cc87d15", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfe4f80b-d6d1-5156-8780-be10df7135d4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4a1328c-817f-5dad-afd0-603a75c1c31c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49f23e05-8790-52a8-9530-3b1a120e03e0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b095528-08dc-5505-b1c1-742c2202c71e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d7e6b50-fe96-5ba9-88ac-2449600380e5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f5cb512-62b4-5287-9ec3-59dd1415d448", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4df7c4b1-906d-5e6b-9a50-d47bc57498a4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4b6cd88-643f-5ac7-a718-b9445d72bdcf", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c6546e4-102b-570d-bb4a-1c89c85a7393", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c9b6b87-53dd-59ca-b953-99a6baa60b2e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9da4387-2cbe-51b2-aad6-03cc60ed2886", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27103003-80a3-568e-b0d8-0bfbb74806a3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35b0db09-18cd-53f4-afae-0eeb830d748b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afec364a-40cf-5bea-9572-2e27ff457814", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:897f4f2a-1c36-5c0f-8d7c-e036d5af49ea", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.1" } ] }