{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:feac9ffe-91e1-5994-8855-36fc39b5e8be", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-jaxrs", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9b0cf633-be5a-5391-99d6-0980634bd640", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e8b40b3-a0f6-5e42-b3f9-226082c77e71", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac26e890-79a0-5bc8-9ca5-ed3ec6b209d9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89d667f2-ec0d-5dc9-891f-9d01ea076afb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02f1484a-de6c-594b-a35d-b89a1ed55e88", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c36702f-c2b5-5551-97df-216b448da813", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d73dde2a-6cce-5c59-a918-734281b480d0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:801a67e4-cb74-5f05-8e29-26e6050a620a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c49890a-ac17-5450-a04b-ed7eb57703e3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e96c9cb6-b50f-58df-8039-b0922315ca43", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:047e80bb-1992-5025-95f5-d23ef4327fbe", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d7b6578-ac26-5d51-b644-dd82eb27b556", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a68ddf69-28f7-565c-bcf4-597996ced766", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89abe817-f0d3-522e-9123-add60f9bf071", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71be6781-0bb3-5f2e-a40c-6553b323d533", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21a18deb-9b7f-540c-84a1-b67bfc0e1d73", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:060dd7cc-c50b-5b9c-bd91-a0b66396d1ae", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7f49a30-4209-5f91-8ac2-064107852d35", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86c9f0e0-f849-5cd6-98f5-1e37d4f57273", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cc48c55-04fa-559f-be92-670e490d877a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75e205ee-b9f1-599c-9724-7e5b3874f92d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4508b09-06fc-5d50-b110-bdff22e0fbf4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2dc545a8-3c29-5929-8c53-948b96bbe929", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64f5cfc6-8c44-5451-9cea-02ee510df7dc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca15a82b-46f0-5037-b1b6-efe2685f88d9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f94d5b14-8cb1-5ff9-9f58-b1214253d58e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0e8d74a-2248-5ae5-a412-bf2aad803550", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2489d56-1b71-57ab-a912-615bab10fe2e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a549b850-27bc-5af2-b49d-ae37ca620323", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31e2546a-1f84-5b67-b857-263d27eba8d4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9cae094e-bafc-5409-8c3f-b0dc58d7bc12", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd52eba6-eb14-590f-b9e0-695c892c080b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-jaxrs@3.5.11-tuxcare.4" } ] }