{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1c97a5ed-3e19-578b-a27f-ea8787a424ca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-wsdlto-databinding-jaxb", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76caf68a-5b8f-5450-bb90-cb378aa2c585", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38497794-ed87-5188-8474-55d923987244", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34bd3c3c-b022-536c-928f-0aacaa63bb2d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb545520-cd37-5ccf-bc83-6c17c376bba6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3331f5d-f8d6-5695-90a5-c2b589508d2f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3aff2591-522e-5e33-a736-3eec1ec67b35", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abdb973d-179d-520e-9083-1e3a0f5fa07a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51f89871-e8c1-5add-aa30-552f44a4061b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9aa8f127-6d89-52a8-aa98-3dd2f74e6514", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:548a6767-2e77-5387-8daf-4f7cf2bedf24", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58724365-ab10-57ea-b570-982bf067f000", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8b4a917-b892-5112-bf7b-7c9aa48675f6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d1c4a65-257c-5a4a-abdb-64bb7ff0e30a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9eeddd29-4c47-5f98-8788-d195777485ff", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20b23c05-5b6e-53b9-935a-41fe0ff9daf9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cc4392c-7041-504c-acae-92a4b17e3293", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99de23b7-f681-5c79-add9-09bb742c7250", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47ddf4ba-6479-5f41-8a44-38b30d273c2f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b3cfbd9-c0f7-5fe7-a2c2-95f1b8e879ad", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:defc7faf-48ce-565a-a6c1-85e29151f308", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8cf0110-20f2-5540-9bc4-c16ec0e11362", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef49c7c9-5dbc-5f19-9dbe-e9a339ee02ac", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8475d25-690a-576c-94cd-4c7421145da6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce54c34b-fd4a-50b2-9cff-a77c9c32912b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d055d37-fdf5-5e4a-b07c-dd9ed6bd90fe", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9f82bea-b0c7-5333-8218-44b0b8a08871", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:526f0d44-4049-5ab0-ace1-d0e9f226a6bb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:734e594b-5438-5211-87f9-bd408ce7b261", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17867587-fc38-5c9b-bd55-cfe2ac31a814", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4790ed6-7f0f-5d18-a734-68ed8adf85a3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08edd3f3-2c6e-5083-a48a-88c5bd5cab09", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e65ae9d-57c7-51c5-9e4c-d5f5ab2d5107", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82988b29-07e1-566d-911c-d9cb0094ae8d", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe5923bf-a032-57a0-ae15-dd76d745bca8", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-wsdlto-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.5.9.tuxcare.1" } ] }