{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a1ae16a2-2b07-530b-ab18-c1f79fb00516", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxws", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dca6c2dd-fb07-599d-92c8-ac38c65fb298", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9f8a3eb-0bb7-5515-8420-14aeb0b42d4c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d57689d8-d305-5d0b-a5db-df336ffdea12", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d453abbc-32de-5541-8a82-cc9bf96680f4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:55b4660c-60db-5b4a-97ed-e7dca63fdaf2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e1f630d-581f-571a-9e23-9d04f053ec6d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01580fe1-347f-59f7-9664-3326cd3b6748", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29ea69d4-e7ec-5fa1-94db-ff337693e60c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b9568c5-f260-5e35-8ae0-08003984da9c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1a3757e-cf08-5599-a604-2648f4942694", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf7ba4ed-9c82-5849-9236-5bea7b6e8976", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9c4f738-7fff-5180-be4b-3493a3c452bc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd0eaf86-b369-53e0-a797-fe423b82e8d0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef646ee5-839c-5dcb-87c0-2edcf4c87eef", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07f38e56-38fe-54f5-a529-452ffdc62dc0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e082e9b6-966b-5c5b-8ec7-4c3cab69a49d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01eaddd6-30a5-5fad-b131-da621cd7fe83", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:384318e4-2079-57b4-b5e3-94d2687f1922", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2cde589-ce60-55d9-a6db-00e6008870be", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8645e73b-3c9a-5a75-bfa1-f7d857a42cb3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af8cbd88-cbf8-5f3b-8985-19424360c2d1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa02bdf2-3d39-5088-9259-35365b78aabc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11c6e838-375d-58b2-b4ec-d358c8544d2f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:773c9407-cb37-5a02-a2a3-2600ee5d5596", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43171f61-3f5a-5f98-86a2-941bfa62b5bb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fea7dcb1-3a8a-582b-9a42-d559e4aabbde", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:794f41cf-4fcc-5eb6-bd4e-4be1112a5691", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2909ef94-8222-5209-9f59-a7db6448c3b8", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:188b0dfa-18ac-5269-9e2e-dae26e7b3069", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2113235-e76a-59ba-8624-d5afe2bf6bd6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69729406-c83b-5ff8-9a98-e2d77c6da2de", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45652179-a5d0-5196-a85e-bd2d51f479c7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.11-tuxcare.4" } ] }