{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3f32aa78-d3fe-5692-b64c-c85696faef89", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-java2ws", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9e2c336f-37d8-54dc-a71d-5aa054d8adc7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de7de2e7-339e-5c31-bb63-a3c3c433f4f5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc20e8d1-b5b3-55e1-9922-51f1cceb1ef5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc7b8b04-1a4c-52b9-9c78-d98490b67cc0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e783000-e04d-5e35-87be-54c98052294c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3c9b1ad-b90f-522d-8643-e7c10cf167bd", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8997713-b352-59fa-a65a-9d17cfd73683", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3f2b88b-165f-5f48-81c9-24c80d62c64a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c58be648-9c7a-5204-b124-794bdeca1b8c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39b86c4f-f841-55b8-8bcf-996daa96e469", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2834e5a-bca8-527b-b05d-8957a8a9e7dc", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bb9e7c3-d7df-5e4a-a304-e1c848d680a4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0faa8ae5-3464-53a2-a8e6-765f16306c6f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d30ae126-a384-57d2-93ff-4ee6bf573d98", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8666673f-5930-5a39-8a0e-940aeb92cb17", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3bb8d4c-2b7c-52a8-9857-8d795092e6d7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8619c88b-2785-54bd-9903-dbda94b30b2b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10f56aec-c13a-58c0-8d5d-44c8de6c2ace", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d913ff55-602e-5c70-9979-acc6fb42e7e2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e9601cf-76d8-512c-8500-4b2177d06cf6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fe569536-6f93-51c4-846a-e2fa378e5ee3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d4eee41-b0ae-503f-aa4a-74174aa9fa4e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cbc7766-d050-5aac-88dd-f47180d58ab4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:449312ef-b3f5-5039-aca4-67ac63580636", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0924d77d-d87d-5153-b87f-2e4bbd2695ab", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec819870-613d-564e-9b14-e7a6441f197d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d516f6f-1814-5a14-a6e0-3d2be4b5ac6a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d753519-9616-5bd4-a29a-907f3ac3a57b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e477b52c-5622-5b41-b271-5bf4f14a7674", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13795737-66bd-56d1-86c1-e04ac0d41571", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-java2ws 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bbf8405-e395-588d-b8b1-b26bed82dae0", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:830031ce-ae2f-545f-8c2c-ad9b6c337e64", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb9fdb1e-aedd-5b39-9f54-13ba4e4c286b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2dcb825c-b685-5bb7-9a86-a0c6da8be6a2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-java2ws." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.5.9-tuxcare.5" } ] }