{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c7816aaa-caca-54b2-847a-c0bdaee137c1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-wsdlto-databinding-jaxb", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eb8d065e-4ea9-5186-88c4-5e3d17426ddc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f968ca6f-0fc8-57c2-8f85-8593e9120d63", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24d8a8c3-632e-553f-aecd-4683a2ee0a2a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e092538-9069-5992-bfac-51783e3cbaf1", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b986e3b-2a77-5bee-8753-b13b7779cefc", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c30d800-250a-5185-b227-d489c42ba899", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28fc2f30-dbd9-51ab-a960-d25fa65410d7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37209f83-aae8-5fcd-b7e4-41baffa4f895", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d3dfd9d-9220-5386-8ef1-04c883f6dbae", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fb57768-97ff-5bcc-86ad-c176f997f70d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b16910b1-7d96-52a4-8401-f333f4be4cd6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85978ce4-8a8e-58c9-b207-ffb9890fb55e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4913f8a2-ba33-51a2-bb12-c69bd32fdc8a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46341a56-220b-5f84-88ab-3d9463c6f669", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4288bcd-475f-570a-b3e2-185d688daaf9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86aa1eaa-85d2-5fb3-9817-4fd0f2e59924", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d533542e-2dff-57f9-8ec5-56a7aff5ce8c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d403fd84-dce9-5fba-b9e7-9a543d41370b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7c13ab9-2aad-51b2-85eb-031e2cc0db50", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67cb2044-64b4-52ff-90cd-c745efa29c2e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6fc6d3c-3c28-57f8-9f1d-258c54a8a77b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb0e01f-e9a4-5876-a9e2-01e364831df8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bf7cfcf-f31d-5d0b-a37b-fe777b371ae5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9f7af25-9514-5c5a-9cc3-42517d911834", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ae8729-1e65-5e22-b9e1-63b22810a176", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0177ab2d-b971-5b57-b42d-427e03e002c0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc19a93a-1e81-588d-bb49-09eb96fbf121", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa4b6af0-1cbf-5975-bc91-c8bcc4c062a7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab7608ad-f3e2-54d9-9763-768e1901de30", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dfeba71-aa53-5baa-bbe7-d4cb08824c36", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21f819d5-b235-5477-a535-ef854dde4d76", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3743824-4335-51b1-9168-3f39ab8c4309", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.11-tuxcare.2" } ] }