{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a6a33225-2ff2-5e68-9084-cf78d65ade67", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2swagger-plugin", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:44c65448-8242-5b4b-9f22-cc2ff47e5d24", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f8cfebe-2455-55c6-ba76-849799c0d98c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d007f51-ebe7-56e4-a260-683322ffbef5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aedad6aa-46a9-58f7-83ac-83f7a6e616d4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1215625-eec1-544d-835f-527ee41b50a9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9eda2715-0977-59d1-b464-11136bbca622", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50708f86-41fe-5872-8627-dd00c14ce053", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db1b8d0a-dfde-5d8e-91eb-93a51f7e1d2f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42ce58c1-131e-5a18-91c8-cf834fed3f70", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9363345-55b3-55d6-ae4b-d58ca666fbaf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9614fa8-214b-56f6-b5c0-7c64964b30db", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2da9a0f-7c44-5a2a-b6b2-9596ec47cb02", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bf53423-11d7-5401-960d-b0d57e1b6d69", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:615b777d-0dac-5a74-9c53-fa4c817fd5a1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:366650f0-d794-590a-9a1c-3107e4a619d3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fda6237-b0cd-5b5f-b92b-5c5e3ea6a874", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c141dfa-6a48-599c-a322-737817a5c8e8", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:219fc9b9-e9a6-58ff-b4e6-a7c6901a77ad", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa64c000-b34a-58c3-bf80-949fdbe35b23", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1be58743-fb50-5005-bc57-435b4931ad2c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce0e23e2-376c-5b6b-a7b5-0911a351c12b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:733f2797-f348-5a58-bcb1-283698c99eab", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ac16a9f-06b4-57f4-bdab-702f0a3d62b6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b3ade15-4f93-52ff-959a-4b4de70ef8f4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0549300-7f76-5f6e-9305-d732dca3440e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ff30360-97d0-5a63-8a1f-3b152e8b2ecd", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40572aac-1b6c-56dc-aa93-73d1a49a095c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:708113c6-f3e0-5616-b2d3-08bc11dcffc0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8d6b51f-e0a0-5a54-b94f-742381b02d96", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:638820aa-4850-5328-ba09-b0ec5db61b47", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50e32b2a-cdf9-5c89-9fcf-3ebf6eb8d1f2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c604e17-745a-5daf-8f69-208ece1fcd0a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed2e1723-2201-596e-b528-717167b89810", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d42c06cc-a40d-5784-85e4-6757547959e6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.4" } ] }