{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:70127912-36a7-526b-aca4-70778e42c8f9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2swagger-plugin", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e460f077-c68a-5a98-aba0-7bc658a86708", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c87c30d-ba65-5481-abed-e40c4c353a6b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c988d644-f362-5599-bdf2-36596c8cbc72", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a8396ac-d794-5e8b-8605-4287a440da95", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0988e55c-f87b-5cb9-9e03-b94f6b8087f1", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32a6a96b-1042-5589-842d-1e437e3b116a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51dc0d02-bfbc-5e12-a96c-ce642c34bbb4", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f374a013-44eb-51ba-9964-4df76642a724", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8cc3992a-1eca-59c1-8b69-1fe429f72f1c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b86e29c-c368-5756-b805-25bc747cb1b8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:728e8f00-2c94-5df1-80ff-132b4cc4ae06", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fa8069d-b5f9-517f-99a4-3d61c0b35bc1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91a5a316-6410-50df-b255-646ed7cc5b79", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a60a6445-ef76-5a8d-95b5-6df45813636e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8817df3-3feb-5aeb-be2e-21478897399c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dd37931-784b-5b65-bdd9-7596739f27a9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7405b73f-2c19-5211-8f6e-6a5457f05e57", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2079a3fa-9bd0-550a-90e2-793e19e798a9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2157808d-2271-5759-8f75-e064c7900093", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c42a8af7-69f3-568f-8177-8bdbf3fe82ee", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fe5a4cb-fa58-53af-a8c3-7f0522c812d7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70a17511-7a97-514a-8dfd-d495b675e41d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:231e75a7-8f01-54e2-ae82-3e8c22596019", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5d579be-7e98-5cff-bd00-c13017e3be59", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64e71041-5f8e-5315-aab6-f6c0238e3fdc", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8d84230-84e5-5358-a48b-8a4afb626d57", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81a28f19-df99-5f31-9d34-2cc17089a760", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d134f2b4-19b7-5eba-9da3-3d40d68df7b9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:431f0185-0e2c-593e-9c57-cbc8ae2a556a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e043a1e0-b734-5569-a662-d60b350116f8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f37e8aa-80c4-577d-b4e5-e654e19d3f9c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed33c3a1-0424-5e77-bace-b078ccada4b0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.11-tuxcare.4" } ] }