{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4310ec7f-8549-5d8c-8208-046a6cb5c05a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxws", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:01970446-238a-56ac-bba4-d6567614b69c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78ca7ae0-0c9e-54fc-9413-6c79d4a00979", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5fb363b-cb16-5227-b43f-dbf48850e4d3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34a2986c-c78d-5ec7-b2e3-e2a935ded5aa", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b9aa399-0ab6-5a4f-a2d1-ec22c1d29cd0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12081051-141f-505b-aaf1-bbfe49d713cc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c08cc429-78b0-55fa-a9f8-3487f85baa96", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e2b12e7-02a5-515b-8033-4ccdf3a9aa7b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99333788-7c05-5457-96ac-3cbe29d8077a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39087da8-e13c-5826-a31a-fed6dbb74061", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72562a9c-8c51-5c7a-b322-826037555cb6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf45de26-09f8-533c-ae84-0f15f5a33c5b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b71bb4a6-2e76-5f1f-b34e-b89140e5a4f6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88362302-590a-573e-8a69-41c443f71624", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4639e762-1d6f-5364-a981-93c39ae02cbd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1da7723-3402-589b-9234-ac8a5a827986", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7927619b-fc20-562f-a65d-99b67f68c665", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd85005f-745b-5bd9-98ac-9ebc341c989f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:134cbf08-44f3-5b35-a4c2-a40ee5eaf8d1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9c84d92-ba3c-5bd6-8e13-58e71758e65e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5031c0a9-7a23-5fa9-9a80-0cd542f0a5b9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f87cf597-2d20-54fa-9590-617a61d24445", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2d33df6-88d8-5ed5-b9a4-c8d46bf2f2fa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a76bcbf-6c57-5bc3-9ad8-d359a264466d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9d3b020-2613-5f51-a496-f2afe8e870e3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b679e82-d50d-58e9-bc51-ca110d7c9587", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d32eb81-6ddb-5d18-80e4-079e6963c63b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58fa94d7-a1df-5188-acd7-4e801d3c2dd9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e21893c1-2ab6-56cf-a694-9109f10f1e05", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10b60929-69d3-50b4-85d8-5af85532b883", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f97c4ea7-503b-576a-91e6-a6ca95af6713", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9242c461-23df-5cfb-980d-e8fa26076bbe", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.3" } ] }