{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6b6a0249-0ab8-5b2a-94d2-b9cccb375f72", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-json-basic", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b67488cd-af58-5cea-a7af-ccf27720dbc0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf518c7a-e5d7-506e-aa0d-b50c913603fe", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f50bb1fc-210e-5df9-9fad-cfe97f6a77ce", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:256392c7-b2fe-56f7-9ef1-f0a79cc22263", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfaebc5a-7230-5ca6-a0cb-67311172d83e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f757fefe-1b24-512f-ad1c-095cad920c80", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c5bda0c-19cd-5597-a09d-0152805ded14", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2efc5cb6-72e0-5b94-8a4d-694c70a44d3e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:509dad9d-928f-537e-b8db-76243f9e3434", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ffa4f80-893a-5a02-b219-0c7854831b7a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b65eb87-7ac2-57f8-8b20-46c1e3cf5e0e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:875d2f46-62e9-50da-8c64-0856836211fb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29cb5e89-d1ae-51fd-9d35-ac4ca7f69979", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c038f13f-731c-5e3f-8319-b328b2810713", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d526dd3-3950-51a7-8718-43913654c57d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf358438-9035-515d-9b2f-fa492266115f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b49814eb-8e0a-5bd4-96ec-d72e227a7e3a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae3ac232-8c2b-51c8-8c3a-0c2eaea48582", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f61ba785-fdc9-5994-9a24-6a27f3835332", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45f17d72-adf8-53fc-8f28-9200b91be1e2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbdf7b1c-bdb9-5971-a08a-597817766344", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b6d704d-e5d6-5d8c-b294-9c9a5a6a76da", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a3326a5-301b-5fe0-9313-b85e4be0d040", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ec72fd7-256c-5c84-9d8c-c98f65bd4c44", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a7b1bb9-941c-5d3f-bf04-aa5c9d9c5fa6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97d9b889-2a44-5544-8b52-13754f66ee36", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a23e7d6-3fca-513d-996c-08861518c231", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b48eb10-9cc9-50ed-83ef-80b231fc6911", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd28ce2d-4d93-5db6-beac-43d07946b101", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79c01fad-bba6-5466-a527-fffcb7c76a3a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb524e78-6a28-548e-9c66-d6e03988025d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb2e2c61-9c04-5c13-bdb5-16a0c325a890", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4e92d1e-1bed-5aa7-982c-ac8ca2de6a7d", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3b126fe-b774-5441-9062-b591ac013ac3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.2" } ] }