{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91c92ae4-8469-5620-aedb-9ee5614f1c49", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-json-basic", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ff568691-e87a-5174-827a-229a73c7fb34", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe8b5f35-ba4b-5c09-8236-3942665099b7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48dacf0e-e6ca-5ee1-ba77-f92f34a49396", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4e66de8-3909-572e-bc8c-69b9bb7c289e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0a8f58c-db47-5070-bcda-d2c9b0e5a2b6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78e4bd88-d949-5ca7-a37e-17cb8beafbbd", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:971c563a-e599-5a48-a941-f0760ebb2a71", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cbfe13fa-6319-55c2-8cae-040b7b021c89", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c97b275-c1b2-55c4-8a2f-e57147e07eba", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9bb2dd2e-18ca-594d-bfb4-cf11416b935f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccbc2300-2a96-51cd-8137-ab568cb1d615", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ff72a87-cd97-5c18-93f0-251d663f3f83", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84c3c56c-3ed0-54ad-93e6-864dd6b14404", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:867821a4-8986-55db-b886-4b20e22c0b1f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da720ef5-8ebf-5868-8394-cc1503cf7441", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc58ff54-2346-555f-aff5-96f246c7f96c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:246f30b8-bc23-5e49-ac5d-1add65d23d77", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de4b704e-c80c-578e-be67-0c696b2e5fa6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:752fe8a7-31d2-5146-bc61-169a65ceaf39", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8069c8e-0fec-5f01-99fd-fb5a2017f9eb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bff7e64-3ba7-5f7b-a48c-8286817b6d29", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:354cd85c-5782-5b8d-b4a2-94f1e8b840e1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82bbc178-2873-54bd-84d7-d1441a51f5ad", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b6ce6ad-28ba-51c6-8a30-35dc3ebd6d68", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38989b4d-0eb6-5428-a472-c74a88907096", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91e2ace2-ea69-5c55-bcd4-10fcacb228f2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13dace4c-dc71-522f-b555-74b14f2cda88", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80252b88-411a-5081-92a1-1db0ae76c038", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bfc188a-e687-529a-9d54-6a5d0e148d01", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:390b5e2e-d1b8-5468-ab30-db46cbbfff82", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a084964a-581a-5855-8348-97632412e1b9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b83dfff-e329-5480-8935-72afa93e9c44", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b146a26-ec24-52dc-ad54-e95966cd111f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82998879-05ed-555a-b12c-f3a6a9702cbb", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9-tuxcare.4" } ] }