{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a2c2fedf-8b42-545c-a8c3-da0715d911f2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-java2ws", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed5387cc-fec3-58cb-ae45-7187907571a9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7da0266b-c6dd-59ec-8312-a4a311d1c520", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b48f1180-3f8b-51b0-90e6-cfb67c083fee", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cc86a6d-e3e4-5df0-b84e-7c5b74f8004d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30e4a91b-038c-5199-8cc9-92a7e3156fef", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bafa43f-e52b-538b-8d1f-df6e9e49b7ad", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0deb5bca-9a76-5a84-a4fe-d4057cd65670", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c7692ec-410e-544f-800f-5410f79df4cd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99cfe0ec-522e-5213-8b50-bcf34df24b9d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c6fa45b-515e-51c5-b2ae-42f4248364e7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e3e6d40-bac7-5952-b6af-157685dfe464", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02cbd86a-0d85-548b-a4be-22c2ea3ab9d2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d41a4baf-98ca-572d-b565-028b57b203db", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f271cf8-660e-5a90-adf1-c8db2918321a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04644a41-b7af-54eb-b333-661c5261351f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f917ca9-7b78-5ca8-9fd8-a5e0957e9268", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51bc36e9-a709-5f2a-8624-25582fba971e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29c911be-9be1-51ed-908a-56d55402f796", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29fbf0c8-f143-54c0-ae22-4e4c7a48e2d1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bc36754-2291-56dc-bfb8-4ec7385c439c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:257e1a2c-ca42-549e-9475-a25b54fcbbb1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aca6ee79-daa5-58ee-a123-bd9c6b744f88", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:530328a7-05e2-5949-acdb-94d7dabf7f72", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8625867e-663e-5e4c-a51a-15b8cd735861", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9873fbeb-5568-5266-9bcc-7bd890428ee2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a814f25-4ab5-517c-88eb-27de478f4592", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9cd046d-0ce4-589a-8d7a-68e7ab6e1523", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d2762d1-d9ef-54c3-9a6d-1daa73f120f7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d65eb137-5a02-5be8-904f-81244bb40451", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6738cb2-5677-50fa-bc22-4da4903b90c1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1a48885-250c-5874-8c1b-439fab1d3298", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eeba1945-adb0-58ea-8aa0-10ffd0018d15", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.3" } ] }