{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e25c314b-6dc8-58c0-825a-70a8cd6b4c61", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-wsdlto-databinding-jaxb", "version": "3.4.5-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ac6cca31-a639-5429-801a-278dd8f0c08e", "id": "CVE-2022-46363", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46363 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a920e18b-a241-5d42-b52a-8c86500c61e5", "id": "CVE-2022-46364", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46364 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24bf83ba-57d1-5588-b520-d920f651e31e", "id": "CVE-2024-28752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28752 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba54ce61-dbff-548a-9cb3-ee7374a60661", "id": "CVE-2024-29736", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29736 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9d98602-2671-53d2-98dc-8d89804d9327", "id": "CVE-2024-32007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-32007 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40064e46-6f6a-5a9c-8e8e-c8799fe543fc", "id": "CVE-2025-23184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-23184 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2978005c-c5b8-524e-bb73-16b64e1db25c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f3cdc78-448d-5681-9f35-f3db717222d7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.4.5-tuxcare.1" } ] }