{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84040de7-5509-5e39-8bc1-8b3ef6e33ece", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-java2ws", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f3c6bb0b-5900-537b-a7af-fb881a3c6628", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:792aa8a4-dcde-57df-8584-579e31e36bb2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:418d0b80-b4a9-5715-a358-5dc275a691f4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:518402cc-e37b-5e7c-a8a5-d9e616cadf18", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:987b531a-5a6c-5463-bf0b-b3f80b392522", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45518df6-bcb5-55ff-9f53-8841a322e583", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f1bfe3c-951c-5acd-a56f-a8d343306a96", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5393c66-a0a9-5afb-86cc-8d02cef0d0e1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5668a3b1-a3ce-5043-966c-166adaf1bbbf", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d617c967-e4e5-5e6b-9bdd-c0d2dea9975b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6a06bc4-b866-5eb3-a006-75897f52f12c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bded7bf2-037f-5de2-a8b8-2e4847fb3ae8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:649c441f-5fe8-547f-8002-2ad87452aa84", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b993576e-db52-58a3-8ec4-dd7bf0296380", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72e1a255-973c-5cd6-bb31-9a7f74518c14", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71669a21-2183-55d0-9bcd-558aa6939efc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12c8301e-24e9-5b97-a186-cf8e9687957f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf1ddef4-9c90-5a17-b706-8ec29423eeb6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57acb272-f20a-5ea5-a58f-736258f6eeff", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0b0bccd-9a01-579c-92d8-18eec0dff9df", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7e647ad-4bfe-5ab0-b6cd-d1c305ee75eb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67e3698e-8807-5b06-8d20-e6157985f4b7", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:063bd56c-fe05-5833-882a-c6a769a13ed0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4463313e-7bb5-57ee-b5d9-936abca45cf6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de1e54c3-33e7-51b2-a3ab-e95cfc622fc8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a286dc31-794c-5195-a82e-4a59575647fc", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b84d548f-eb10-5830-81cd-c501effd4ac9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40063653-70d1-551f-927d-6324aa2fb631", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe5e4e74-bace-59e0-8a1c-b08937203dc4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acb7c118-3aac-57b0-b08e-6e7da2254b44", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6185c271-30a5-51b2-8dc3-005f054a67a1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34b2f44d-ac17-55ae-8269-c7d077170fc2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.4" } ] }