{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0b3f2cac-f0cc-5a88-bee4-034e6a98931c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxws", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:461d054e-2deb-548b-9ef8-8ca8dc5855d7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6b39e34-515b-59ff-9595-a84a18b0c867", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1cd4f0f1-b6bd-5db8-9797-5dda40029c71", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc519a14-2c2b-52d1-8c14-4e55a3b9e086", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:daf66ae7-9f3e-5ee0-9d92-6ccd3e111e70", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9d4dca3-f378-512f-9a00-feb382b4446c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6db5e21-e008-5909-958d-448c43d254b9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bef1631-cc93-5458-8628-80620b1223d3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3ad4493-647a-56ab-b5cd-0b96189bdbdb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b0b14256-b269-5028-9852-a0ce3ca02b51", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4848be47-9766-5342-a7b9-9b7d66c987c8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82db5a5a-3c83-543d-b933-129b9ef0d782", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2eaae739-c25b-51c6-8f13-1a4654579040", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1fab150b-3c1b-5656-8a37-879a032c480b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56a7c6d9-f034-5454-b56a-3cf85207529c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c062e21-3d81-56b5-813b-b1ada927f762", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa9e53cf-233e-5d39-bac4-c46d1947f3d9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af817fc0-2639-54c7-9612-17f7e636a2bd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6eba6cf4-40a3-5c21-a21c-98205caa4d84", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82dcc760-f8dc-5e0d-870d-94a633ed950f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b415a82-ff85-546d-baf4-7fb651d3087e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5abb91e5-4080-5be4-9864-ef60f5bb76b1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf6a9ed9-2fa8-5e9f-99c6-360dca935890", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61e749de-ec83-5bfa-b19d-f0960587247a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:590846f7-8d16-56d2-ac04-1714244bce69", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0241d30f-91bb-5cec-b230-f4b5b8e4f71a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:486752bc-69dc-577c-93ea-a0b4fcf4aba2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa11a744-0263-578b-9cc5-e63b690157ea", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53a1a368-e14c-5015-91c5-b538757296b9", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49e0d850-fec3-518a-80df-bf128eef7c32", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:151424e6-80e2-5737-82cd-edf5af5d02a6", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:861cb165-c467-55ff-9579-82289993fde2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a08ddec2-ca75-5149-b204-fbdeac7bae98", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2a37196-85e5-59b1-9db2-4a9112e70054", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxws@3.5.9-tuxcare.5" } ] }