{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:067ae204-34f3-5892-aa35-90b31f1f5ce5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2ws-plugin", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cebf1c1c-7601-572d-8c34-b7f5dbf18688", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f60167aa-d428-5ce8-a7f8-eeb364414505", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:281931fc-be1a-5ea0-9033-4c3cb370b56d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:27ab0d4e-5d6e-5136-a9d4-1ee4e91deb56", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:674a3955-df2f-55ce-a2f3-23a1bf1ffff9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:38f55d40-e7d9-5300-bc05-874f5ff92d3b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:70156427-0129-55ee-89cb-4f99adbcf4cb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:130e509b-4865-5dd5-bec8-f43b2ad26f70", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9f9498e8-ed95-54ed-9cf9-d4b08d73bc20", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83647c3d-e92a-5ebe-a53f-b7f84e1da289", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fac65b70-1c0d-5e2e-9ae2-b6f8b791e9f9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20c45998-679b-509f-bf73-55e472bf54c7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:893a5b2a-899a-5372-bef9-a11ced7f718a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dd4d8756-a461-5373-ab28-35922f5ef6f7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:46165333-7afa-5c28-9953-8d3f02fc1da1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:937ff113-0989-5c03-9615-dd0ebdbb7772", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:40cacd18-f99f-584c-a213-6f9785849056", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61a2c20e-9947-59df-a3fd-38db46a2376d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:acb37e5e-7e8a-5666-8a98-f940d8cac1ae", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fac5cfa3-d9ff-5b17-930a-4f9424aa4f2f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fedf63ca-f72c-5dbd-9973-b96811171c29", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2321b573-7d40-5e61-afb7-84a68f65ce60", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8fb5a030-69a9-5f17-b56d-ebd4f545409d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:59f6ceee-91eb-5051-90f1-df1b1b8bed37", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4df347c6-2f03-52d8-a75a-4bb2d03f18e6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:50ae9d8d-1e5d-5f34-87ec-0b04b9028e69", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:92bd301e-a4a8-5b12-8860-f4bc8422c07d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f5166147-5960-5dd1-9086-401f7882691d", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ccd10d6a-0fb2-5df9-809b-2af284bdbfc5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dfba9c4f-06f6-5882-bc2a-34d0ad0efcb4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19de7120-31b3-57b0-b8e4-64c57aa82bb3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61c171a2-1882-59a2-9c29-8a0866ffe8b7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.11-tuxcare.6" } ] }