{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fc99c650-807b-5b75-9827-7d10413db708", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2ws-plugin", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bb2b5c67-731e-5d8b-b26e-c76282d8080d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a062a133-76f0-558f-b70b-9daec1b7dab1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f664146a-8ceb-543f-a838-0e551ab4ab31", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:585f024b-fbac-55e6-a7ca-b6bd5b2100db", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d5f2862-ff4b-58b8-b521-63a663d6c50f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d16f1d7-9a3d-5e7a-a79b-ced1ddf2ae5d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:831d2f2d-61d1-5015-b055-bc924dd585de", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63cce5fc-342a-50e5-9236-743ba3233572", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd4413bd-1325-5d7f-ab00-b1c9fb80d1e1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56f52cc5-c84c-583d-91c1-75dfe4ae3b3a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4383bf37-33f6-5ddd-b017-f614a2cf077a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f49e731-4bbe-5af3-9f9a-34a5279046f9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c80480e7-234e-5559-84bb-72ff61d5f296", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:839f707a-4fb2-5f05-b541-411ac0cff6b3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:723ae626-c1ab-56b5-9cff-b7789cbf5b57", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:741684b9-6f76-5e6f-9a92-df08ea0edb10", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6702d98c-c8ad-5467-86d3-47e5af10b793", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73193eff-3e02-5746-8b9d-16aa3d3fa56e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5448c46-81f4-5163-a857-7070b1b50a89", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:264e92e4-40a4-58b4-a853-703c70f1c8ee", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6649c31-4466-51e0-8abd-3ed918197461", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3fda8500-9843-5e8f-988b-64b63b0dc9b1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ebcae929-22ca-5a13-bc35-acabd90bb5e6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8be566d1-a497-59fa-afa8-568bec35df57", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9ca48b2-ea3b-56c8-a700-aa7a47f4fe5b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ce28122-6c75-54bb-9e7c-4609a5473e09", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3bd64d0d-e6db-5724-92cc-c9e1a1259503", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:086a64fe-fb23-57d6-9617-a08c7295d5d7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c16a8bd0-879b-573a-ba36-cd571fa82bc5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c7f80c4-6917-54b3-bf05-5e82689b1129", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2ws-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec2daae9-6192-5fe5-92bf-33250fa7d6b7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5df602b2-6e75-567a-b829-dea5c1611c46", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1d2a041-20d6-593b-970c-86e52f08bc6b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:616fbbca-6fef-5c8a-abfb-0d82c678a661", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2ws-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2ws-plugin@3.5.9-tuxcare.5" } ] }