{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:34bc4f22-0f25-502a-8adb-edc28a8f2e74", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxws", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:406afeed-523c-53d0-9318-b2d96bd095a5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a42a560-5bd9-58ab-9a79-549b3030bea7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7389878c-55e9-5dfb-8bd7-4f405a3bf333", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:481d90fe-b037-5395-80b9-d850277a8c0d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5daa039b-5cb6-515f-ada2-6aeff71cb5b4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e146e63a-6ea0-5738-8551-59e8b3f5865a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b0f9c11-c244-5892-987a-adffa6eccc8c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b69eff2-86c6-5552-80b2-8c75168b0b82", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fa7b3bb-c78e-5a36-99ec-99132fb92f4c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2faf658-eca1-5d10-ab97-1613699d3ec7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa504aa6-f2b7-5ed0-8825-98fdfa75494b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0072b26-32e2-5944-8c17-77627b6aa726", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e04f8257-ae86-559d-a201-2e903eb190ca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfcc0c2d-5264-521e-ab95-34e6dcd1fbe0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a776989-9602-5cd3-b7bf-9c0560281f2d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e9b4183-5b56-53ce-906b-f18da673b545", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9178af6-91f3-54cc-a186-10dcfe21e47b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:657d7b21-1ead-5159-b260-da643586ac8c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30fc26b9-c659-5b12-a735-5c24bcf7afaf", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20502c53-0928-5816-a7c8-7f36bf8af045", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab3b1873-e12a-55b7-b2eb-d5b879a3a9e1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d0b98ad-b496-5e40-b25a-2bb5e5992210", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c45fc58-1da1-57ca-9278-63f2aa2aeea7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd36509c-b5a2-57b0-a3b5-9a13f19e4952", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9a3831c-6731-5090-8b0d-cb6b210efc3e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:336b7620-7c8f-51d8-aede-73dadc5ad764", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80efd501-cf1b-5479-ad20-1a2300df3e3c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc82db86-cece-5fea-a3a3-55a8a668436b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18a72f0c-797f-51a3-83ed-a363158ced1f", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5de079a-726d-5ce3-931c-77a28af142e0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7011c849-5c0b-56f7-9bcf-6322d4ca76e3", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35f034f9-4ed8-5ad5-af4f-a128529db73c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06aaec21-d030-553c-bc4c-f39f8821f32a", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc35a679-3c0c-5e34-a4df-b44490052fc1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.3" } ] }