{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6afd56f0-7075-5551-a321-f1001c49e197", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2swagger-plugin", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce2dad48-bd37-502e-841f-76b37506d511", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d96c2a59-461b-5438-92ea-385b971ea18a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66806ed6-329d-560a-9994-8702f05d5398", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7be328c7-cce7-5687-82a8-0f2dafb24654", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c59dae3-ecfb-5d66-801f-a4aafe89dd9d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd0dead3-a6a6-520a-a3f2-0ec75a4650a6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d500adcd-2e68-5470-bf60-c3520e3b4ffa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d3d399c-a6ae-5d7a-9615-05b9abf6d916", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cfe87ee-298d-5617-ba80-536a06f7bb08", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e1db51f-f0a3-586d-8335-90f04a8fc0cb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4bbc748-7270-5f97-8033-50bbe55a12f9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b04ceff-c88a-53ec-b2d7-731a34297d1b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db6886ad-f37e-5133-9333-2a2fb4bf3550", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c32df7bc-98f3-5235-8e6f-dfaa49b9f9df", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd575dfd-338a-567b-b6bf-6200c916eeb9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d68664ad-d1b8-50ab-8173-9954fbd75473", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cab609ce-f16e-5f7b-96d7-fbd11f2ac027", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9430f0b0-ee9d-58cb-98f1-8efcae2397b6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb2ca638-2cee-552b-98f1-b57f81710c9d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c089a01-bdad-59ab-ba8c-24dc201b76f5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5c4a394-e7f0-5c8c-802f-ed692544552e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4483476-31a2-54bb-9b97-fc8d6bc6f970", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1839ab97-08ad-5d9b-8a29-8601d77bae70", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:329dfc11-d430-5192-a79e-c47bb30784eb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c77d69f2-a037-5d04-b8c3-f06b28bf34db", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:199826da-4b4a-553c-ad65-e43c92971fa7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e221ce6e-ea2b-5b9d-a5a0-480c2c7c10bc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86f63518-07bb-5389-b392-bc1e6e8817c4", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7971e405-1c55-5c36-a36a-6b7062b8c036", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0bd73ce-2567-5951-adbb-f439ca185429", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a42d3207-9218-5eae-af20-596b056263da", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12d9a655-e2ba-509f-a44f-125520bb543b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac4f2bf9-8b97-58d1-86bd-9f7d89ed2bd5", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7855673-2cce-5bb4-ae7e-3c42352437ba", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9.tuxcare.1" } ] }