{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:68e8b1b8-0234-5d41-91c7-8c8ebd7b50f8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-wsdlto-databinding-jaxb", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:25c1a06f-5876-5490-9fd8-2e70154166d0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1dd42082-8aa1-5bb3-8ce8-9b64a9d068b2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8c8dc01-a22f-59bb-b5d7-bec8bd20665f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f18245f-c97a-5dd7-8fff-f7daa85ef837", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b202933-055b-57fb-b1f4-7b1d09134bca", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b23241d-5ec6-5d06-9ec2-d20f0bdb22e9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bfc8e8c-10b4-57d0-958c-c9757a1a811d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91e46367-6647-57ea-9ed5-bc1ee6b874cc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e6b991a-63f5-5c81-8bb7-9706448b08aa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7a7df03-9bea-58a5-a4f0-0c6c5f1b6363", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3ad46be-c0f9-5808-b8ad-5513be320b3d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ea8fc3f-eed8-5d4f-ac57-f17ac391c9b7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88102a9b-f434-5123-a950-b2089134752c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b1c8d4b-ae2e-551d-a9e9-782c44cffb46", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82ee4ae4-97ff-5b4f-89fa-cff4ecd91615", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2993ee28-6790-555a-9714-265c78eeca9e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffa28e79-a9fa-5b0c-993c-4c3b3a8f66d7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb06287b-5d17-5270-abe2-8bc0981a8307", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b492c935-6e9b-529b-b5be-488ebfa5e295", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a7f3dcc-a4c0-5101-869d-e43870833a3d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2cdef7bd-c224-5a7c-becf-89963256a36c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:357f9993-407d-5121-a670-7c513abb5cda", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a88d4e08-e103-5f58-85af-d335ed2a8f31", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31dd5ad5-c9f6-5a7d-b1e3-2c7dcecd4fad", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e4558de-3d88-57af-b10d-0836c6edc54d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddf65edb-ea00-5251-a481-bdcbe033c077", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3758a334-a0f6-59cb-b07d-76854d974634", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b4d2cc3-23c4-58f6-b61e-f221d028082e", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3de68e1-fc62-5813-9f63-29fa574c554f", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2a63986-aec5-59b5-9e45-b17fd9d1ce47", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d57db4c1-cf79-54dd-8013-bc7708a0e585", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b46a9aae-4d3a-56be-838c-329b8f0f8be3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c7377235-025b-523a-b6eb-322927fad3ed", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:855c71a9-d8be-54df-bb64-83004c1b77df", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9-tuxcare.4" } ] }