{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f2bbd9f6-2335-59bc-b34b-e6d78137fa19", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-json-basic", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e086e748-3824-591f-8581-a0835bd1692c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84cbc3cf-1d58-5927-a541-974e546e9cab", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad53088c-2610-5a3f-8676-53bc6ecd4210", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90177518-ed43-58b0-a398-ec6a1a96211e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f7cc664-0ffa-5145-9f71-2136d58bb655", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74e6ac8a-6c5d-5aff-9dc0-578ca7e3be9c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a028fa4b-3703-52aa-b16c-2edf43280dbf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4a583e3-8478-5390-9a84-ddc669e3f60c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77c1bbb4-de7e-5e43-bc2e-ac5dfc5ffdb0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dba0e94b-88ac-5c50-adf9-70c64099935f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ce3676f-0278-585e-940f-c8f552781272", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffa0793e-1135-579d-88e7-ed6df1bc0c11", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f106a463-c7b4-5c12-b291-76cf2c58633a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4944557a-c0c7-5587-b39d-3d194efa946a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6af06e7e-28ae-5bd6-8ec1-ffaf196cf51a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:629179ff-83ef-58af-974b-98fbab68d429", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:496f7dd8-140f-59e5-8ac0-4f8d65581212", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b70690c-6fe0-5e7a-aa8c-6ada100e4fd0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fa43499-76d1-521d-833e-d0bbb2631347", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92b3d3ae-7d70-5b63-9c7e-61f75fd9ad87", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1ccd991-8149-572c-9140-1573d2429b77", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c56ae2f-f622-5579-a3a5-17251db48363", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e5507db-e7d8-5c3a-86e1-32e730a074a3", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa843c35-91a8-5972-bf2a-cb7891464ecb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59e1f10b-1e09-529f-98d0-87999f33ec96", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d97014d8-b1b0-5009-8c1d-9e8c28bc6c76", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a73dbd1d-3729-54c2-bfd8-00566c58082b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a052381-f9b5-54db-bfe5-d66315ee8580", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbafdeee-9a58-5855-a3cd-e9b4cf9aa5bd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b97472d-1d40-5a1a-a547-11210d611fa3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-json-basic 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cc300d0-f76a-5e5f-9402-a3bbffdf2002", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ed16702-4dd3-5092-99e1-4bbb055e8cc3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:570cc063-260a-51a7-9a75-ec1ec9eae80f", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:745658ba-e3bf-51b4-92a4-c851b50e26fd", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-json-basic." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-json-basic@3.5.9.tuxcare.1" } ] }