{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fbf5b7b1-2b74-590b-8e79-12f30648764d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxws", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e7e91c71-8da3-52f7-80e4-14d377c0c226", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1132a91-7c65-56c0-99ee-67d6e750d4dc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fba3012-b0fb-5010-baa5-7463e2721b86", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3edc814c-a194-55c9-a4ac-f25408de4508", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb353b8d-cb78-568c-a850-5f32ce4fb76d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4874ea7-8203-5ba5-9312-bfdd71074841", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1cba4a6-d65d-5f29-b509-2a011fcfe230", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461616be-3d61-5094-a7a6-49810b26f2f3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9bd303a-b13a-54c7-97cf-87caf8fa48e5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e6196a4-ec06-5b6b-a6c1-b195010e0982", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c54031f1-4db4-52a4-8101-c45c80b222a9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ba100e5-fa2f-593d-a417-b2db5458cc39", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7080f4d-4ae5-5ed8-99fd-907a2cfb53dc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6baf43ed-4c8c-51bf-a42a-93f9bd82a8d5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4adffdf3-9b5b-50af-b599-b6e049a770cb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9015e78c-1494-515c-bfd7-6039b7e01652", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef9ab7fc-f9ea-52c7-bc90-4ff569c00b44", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db4473f7-8739-597a-8790-e1c72bab6c2e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9b19730-bd9f-5d80-8c1a-67f6d04ecd25", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb54927d-d433-503b-b323-ba56f990b6ab", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:249e106e-8a34-5a6a-bb83-65c69d7a8681", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:823a2ad0-bb73-5b46-b021-ca010f727702", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63a8a908-aff3-5992-b975-30723c8fb0e9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2797ce1-592b-530c-855d-1025dc0b01ea", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a18cea3e-6cc8-593c-af1c-83f5f27ff395", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9323e1f-72fa-5b3a-b926-f29e34b0adbc", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0893389c-7163-5af4-bfac-c09b88b1b799", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df446de7-7493-57c0-878c-059a7ea4d51a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24d947e7-df08-525e-9c17-f870ae127b23", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9493efa-d7ab-5274-92ce-ffca6204519f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b2f3c35-31f5-5ab9-9ada-bb186601ea4f", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:167abf95-e81b-5aac-9c13-2d60c3849cae", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37d5ef72-8fcb-5a15-a24e-964d96d5b05c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b2a6028-7362-5c09-ba80-ffd0adfcde8d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.2" } ] }