{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e69eb59e-72f8-55fa-978f-88bd664360e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-java2ws", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:05f47bbf-6665-52ca-984e-12abb9a4593f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c0ed382-0629-5732-86bd-0a8f6798b179", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb7b5775-1011-5fc9-94a7-9490271afceb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:068ea22f-0c3e-51b3-861b-158fde51ec10", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dad5d1b-d697-52ca-94e2-e96b58a929fe", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c08bfb6-537b-54e1-9b65-51c8e95dfd1c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17c233cd-d7ce-56d3-a47b-eb05de6a4007", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6db9c868-47b8-50f1-b423-0a79a9dd26c5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd83896d-939b-5a95-9488-d09387e648a9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b7afba7-fd12-5919-ba56-f32124ebae1a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4d1c219-2d4f-5aba-86cb-cb3caab6bae1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:720a0656-93d8-5d61-9b20-6b875af5d281", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ff7463f-ac37-59e5-a34f-b991a4aa3e64", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd33d2eb-2ce4-5413-a6db-67e4e3147c8b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91ecdca9-0c58-521b-b8a6-949e71e085f0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2d175da-4ce8-5ae1-b908-7b8c6dd8cf37", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80d842d9-85cd-5758-bc77-0b2845b53371", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf7758d3-889b-57eb-b450-f2679fe73566", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c86d5ddc-b1e1-5788-91e7-51b442befbe3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad377c11-e429-5ff9-902f-02b2a7efa4c0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b4a4d07-1fba-5b25-8ebd-ce7a07e0735f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00bb3a7e-4232-511a-a1cd-71670fc4b002", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b071021c-78d2-59c9-af1f-d567db00d7ec", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb085788-6688-5cd0-9e0c-98abad94f9bf", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e2fa4e0-550d-5b20-916e-4b73ab1a46e3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5760d1f2-17b6-5ac6-b63d-2630f7e247f3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:215c8ddc-c8b2-52ce-a456-1d4e7b54f980", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e5ad297-8f1c-5451-b748-14b1be096ebd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:890c0b14-97ce-5722-9dd1-1f1646a16769", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e337c6db-5314-54bb-aed0-bd260b6706df", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02ef7785-a9bc-52d3-98e1-bf19c15a8fec", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d45064a-af51-5dab-8584-faf421cce4a7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0d05db7-c536-5919-9653-79624994958f", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877071af-6e2d-5eab-a10f-be83cb124c4c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.2" } ] }