{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90078d84-b55e-5853-9dd7-2482e89458db", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-json-basic", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c2e5c198-f973-53fc-82c1-d9f8252e6f38", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a36aac1-4c7b-583b-9867-bbbcbca7be9e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac22b660-6146-595a-bf07-015ca89a726d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af1e902f-833a-5778-af20-fd841a1e4ab0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32f6060b-e704-5061-8d7e-97fb31e07a01", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70389ee1-95e1-5030-b092-15a63a64fd0e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b7cc5be-9d90-546b-b6ad-0d2aeda940d6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cffc13f-ac1d-5e9c-9665-26f99c93389e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62ea0bef-edcc-512d-bec1-8e44c1d66554", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9fa95ff-449f-5900-a2a3-262ee64ff249", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f55a1f31-d64c-5d60-9bf7-4cc325cd139c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9adbb0f9-f72a-5bb1-bf92-95991259988d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a11028d3-a434-5fbf-8e2f-a49ae426d649", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3a29784-c98b-5aeb-9d51-b53ed0470aba", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8028a555-467f-5e71-97b5-ab8559b476ea", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b75a8108-1030-5819-8e19-17d920c62266", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24a78c5d-978c-5bd4-b155-778f13386a1e", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcaabab7-6c38-5362-8376-5180318793b1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8302df3-5c75-56a8-8186-f2aee210ef6c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41831811-8527-5ffb-b7c6-28e300cbc4ef", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1286d481-fd3d-57a5-bf31-244f23cd15e3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a048382-8483-5a2b-8075-37d838459dfa", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe925c4e-7a26-50f2-97f7-4c8ff7b05b6e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d6a2fdf-c6bc-53bf-a878-6d19bfa7da47", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df3682f9-ab21-55a1-8297-53df18bb0142", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6579a36b-4f73-5637-98df-63ca9ca63f08", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42894ace-d83c-5cdf-a8a0-b44040dd03e7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbfff9a3-aec5-5bb3-bfc8-aa7a6f26ebaf", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5291cda9-605e-5a34-a31d-eaa18b68f3d4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64fbd088-2f3d-58a9-8d58-eeae83e4cb66", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ac62508-73bf-5c31-8d8c-c475f2271f0c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9973d38d-2d58-5d77-9de5-7ea0067783e3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c7336a7-9de7-5ead-91e0-a4f08eee2bc3", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bc9c198-c6fd-5cc8-8feb-867fab188f46", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.3" } ] }