{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:36873248-e0a9-5114-b6b4-bb38ca3a08c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-jaxrs", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b449f22a-0e55-5640-8eeb-c364d33a1312", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44806713-9b36-5efe-899e-d7a79c7fa56a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ae30f04-43f4-503e-9f86-ebe976fe42bb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a11138e5-3ef4-5920-8cc2-c6f392dee75f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8eeab019-23a4-57a8-8370-04041cbf9bd7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71e98085-56a9-5f2c-83b4-38ae7f29f10b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d4b1149-c10e-50e6-b8d8-f7ba9ee245ba", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9e18f4a-b159-57f9-a937-88c135ce04be", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61e53e12-fb91-590d-894d-9cf72f1c3b70", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e370aa3-1059-5895-ba7f-568aa978654a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9ac97a8-01cc-54e9-acd3-5aefdcf9f19c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5842e285-c957-5f29-ada6-ef1af250356e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5315425-72e8-5645-9e36-462c5dbb9b75", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96ed5440-f2cf-5f66-82f7-48e52748ff91", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009ad488-e94e-58b7-8aee-92c098dd3def", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6ccbc8d-4bd5-50a0-a507-0414affd0f7b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62f50642-2859-55e9-b853-9e0c3e190944", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ede9db4-9675-59e3-bb29-8c5e19b87581", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6587dc5-8c59-50f1-abc6-c8bdec7324b8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fd1089d-bd1e-5273-9b1b-9e1b4c0cce90", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73550bb9-c47c-55e7-9218-43d1b92426e8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cba906e-217c-5b28-bd8f-638fd155bed6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdb7237c-1474-52cc-8775-0ca1d5a202fa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:384cfe4c-45e5-58b8-ac43-78b6174b5070", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c01119ed-6b02-57eb-9a8b-3e505255a4ad", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6f47c2b-e08a-5ea5-9730-ef270b0f39f9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff180801-fbbe-5c82-9420-0d68bd116d32", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:432b1b6f-02b0-5ce0-bbfe-92d73b04d2f3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1555dba-ef85-5cd2-851c-59f4240634b5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f21e6511-9727-5646-8db4-4f8714a24bef", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c306103-81d4-5d2d-af5d-9d4c43ceda23", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62f187d8-197d-5bc7-8278-9591d7f8c86e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.11-tuxcare.2" } ] }