{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b922031-13f8-5a83-828e-3900fd6b1fc3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-jaxrs", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d5c0ea4-8ba3-503b-881f-db5f30c1d281", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f79854a2-0bd2-5ae5-9435-8e8478c20b31", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d1d65c7-8137-5d4d-96e1-d6a400f719e9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7502333e-b620-5cfe-8612-48ebecb5374c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87955847-99e5-5c77-bb32-7924d335674f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1762417-d7d8-5b93-9e8b-9df6cffe68e4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71aaa7d7-949a-56b1-8de7-dde877d11466", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d16957c1-526c-510f-9a95-271e23115107", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53621dcc-9eb3-5925-a963-150c6f4c7dd9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd8eb2ee-fd56-520e-9644-4836ca49cc4c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea6136bc-2ccc-5188-8899-644ca3e7c0f4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c76f5afe-5098-567c-9c8b-e58221dc29a8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b62831c-316d-5d1f-a92a-eb49a9051031", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40a02cfc-41f5-5cad-9ce8-7a6cc38b4bbb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f05e00b-23d9-5fef-a20c-3fac6cde6814", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66e9282d-3539-5552-9044-d8cadd92514c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19dedf25-f32f-54c0-930f-bbcf52b830d6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85d60256-6f60-59d0-8a17-06ddae5eb38c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ed02e99-8a3c-53c1-b23d-e2025d5a1717", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c66669ee-3950-5d25-8aad-da8054b574cc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77aa505f-ac49-51d9-a7cc-f33e497d45ce", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86e07e2e-d171-523a-a1f3-9dfcd4a5b216", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e777105-941a-599e-9ef5-d24095c656c2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97fbfbd9-0c67-55e7-b24f-ed603b1fa7a4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f862bed-2158-5cd5-95d6-dbf0ffa19f4f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8354fd3-ba2a-5993-93e7-a2068af84340", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef7ff74d-a6ef-59a7-b346-a794fcbd61dd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bfbb0a9-8d2f-5986-b2d2-8393bc4c7434", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f152efc4-5b58-5df5-932f-4b6e047f8bdb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f8bc298-49e0-523a-bb44-333516d18502", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e165205-b484-50dd-9bc8-7b2573a75d87", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35bca237-f966-56ce-a215-ea450a9094b5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73025c05-e2da-5078-a6d8-72107f1acf99", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37fe686a-2d20-55dc-a94a-de2e469f9e85", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.4" } ] }