{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91915d5b-99d8-58b1-b2ff-be2cce8b9549", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2swagger-plugin", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9706b14d-cc68-5f1d-a9ae-e40659efdf0e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:361b1bf8-57bc-58bc-ba23-3b1a3670cc36", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88119ee-f6a8-59c6-822a-261884acb336", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:832b4911-9a3d-578f-9426-12ec5694013c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36740f5b-fdd4-5777-8ae1-ff9925f17664", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b84b04f-33eb-5d65-bd78-43a505f87b9b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44c49f4e-40c6-536a-b8d9-a6796917513e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d59c948-d6e7-5313-a5b1-8c00c17d4c55", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6eb284a-0e17-582e-9a59-1c4bbd6089f0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dad37382-dbee-5d2f-9222-7f2a75f082ac", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:527fb4a4-f6d2-52fd-83d0-8d107d2d7457", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faeb62b8-7920-5e8f-a99d-ff7817592337", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d18d92e2-3ab4-5e1d-92a3-5b4fe1d17733", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83441ac1-9f03-56c2-b1bc-c2b0db64bb1f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bd001a1-a12d-51ed-8b36-ea14395983cb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee01629c-6bb4-578a-9eb8-1b15c85c60b8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19be69f8-7a5a-5b11-81c8-e2daadfe32c7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03e00281-c297-54da-b036-e7187a436c5c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60b196bd-e802-556e-bd05-f5b48e447e23", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16744458-300e-5461-b595-443fa38c3232", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0705597-45fa-5621-8fe7-6c8fb1ba1da4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0138bd18-2cf4-5e01-a1d8-e6f7a7a20022", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:698750a4-1abd-5cbe-934c-e03980d1db57", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8710da34-4180-5cf8-861d-2ff076f2dee3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6b2269e-f820-518c-9221-5341deba4866", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c7714ba-dca1-5846-b117-e06647bf13e9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c83d134-7561-5968-be0c-815272ae52f1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d75f998b-f079-5f00-9b9c-b44b2472697a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04e3af19-4007-5485-bd12-2a375f52e9d6", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95c0871e-8171-53a2-a4e8-5a4676f26ef5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ec37605-a082-5fe7-a6b8-7827500817e1", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47636a47-1128-598d-b4c6-9406c81eae80", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0817f2d0-e2f3-5295-ab3f-584da5efbaf1", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c5d765d-05b6-54b5-bb72-3543d47ed615", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.2" } ] }