{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:20f9a9c0-9ad1-5bb8-a9a7-4e8226741368", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-java2ws", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8bd60b6d-9d02-504b-af21-7c84dc814dec", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:38ff3ca3-1c8a-5631-bead-b44aa8f0f602", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ffb43bb0-1a39-5a1a-b8a9-fb2b722a0e96", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0761a145-4d16-5f2d-b1de-7eac3df55dc0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f98f867-c2cf-545a-b062-12be6b1d6706", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b0160306-9424-5cc9-9e5d-699787eb994c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51b713f4-8801-57c0-ac22-641d64e24225", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d30f9cd6-504b-5195-8324-6eeed0740d98", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:30181ebc-e255-5f7a-8507-e58c9613da98", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f32c49c-f22b-56b1-a367-b80a6d804a50", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c595a82-ddf7-5995-b3a5-4b42f2ac4c58", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2282797a-34af-5391-aece-341e952ff801", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c190b35a-606e-57c4-aeee-93a7eb7fa5c0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8b51e744-da2c-5dad-9c75-5a363fbf9589", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ade08fa6-e05f-5c83-9068-1f47f7434185", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:557ad813-7e3e-5842-9893-15a22d3bd92d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:07621787-6462-59fd-ace5-aeff9e7688b0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a012daa8-d80d-5792-96c4-555c96b982a9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:19de69ab-ffe1-5120-9adb-2fb0b6b09d9d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:23f1e319-8f22-5f25-9452-fc279a2e2518", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:387df478-528d-57ad-864b-995e3435a6a9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5bc29973-7e7b-58ee-8a92-560d3c466c5c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:04073fb5-f4f6-52d9-8807-0ef28fd9736d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7be1cf17-091b-57ab-bbe7-42f86b22b9dd", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ae839fb-b8ee-5d71-8e04-cf25cf9e14ab", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b9a7ef86-320b-5a55-8233-3cd0dd9f1485", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d70b83d8-f304-56d9-954c-dcd5b8d41bd5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e513869-cd42-5999-9dfd-b92e141eaefd", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0c7da120-5bdf-535d-af02-6f5f4c084d42", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48608421-308b-582c-94e0-ae439e5fa987", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6bd01efa-b17d-57de-b65e-2e177b1c3df0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b453647-d935-5b88-a170-40401bed1bc7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.11-tuxcare.7" } ] }