{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2721888-883f-546e-a4c2-14212e3c16eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-cors", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da608a99-e8e8-58af-b054-f401527bc702", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94709a5a-4eba-55f3-a745-c3b3ee6efe31", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91804cb5-5023-51e9-a956-706d24186e94", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9a276f8-2eaf-50b9-964f-167c59a3aae7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d8e78fb-3afa-5c55-a5fe-a68d3f01b353", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cb1e1ea-78ae-5ae9-bcba-2f0c4b4fdefc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1ff91d2-0bc1-5cc6-8dad-2dd7d04a3555", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9baf6c3d-7bbd-5616-a8f9-f1b5ee103968", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f297f7f1-e437-527c-9787-a9114078294f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf0f7486-f0a1-5e58-b38b-3a8273038bb2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a463fec-e2be-54f9-94ce-daedbe31d4ae", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:375c5a74-dfca-581e-ac63-a1987c37615d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87bf4bcd-2614-5b51-a55f-0c31e4a74101", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f83e416-6c6f-56d3-b21c-5be49970dede", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fc637e8-c19d-57bf-87f3-d581d17bfe13", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9ee1775-2ac3-5f52-80bf-a05fcf2d9e3e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e522336-4d37-5a11-838a-5cbfe7a80605", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f34fde55-3b5d-51bb-b039-54bee81d5cad", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbdd7590-7691-546f-a4cc-74586df43258", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fe57ddf-449f-5298-9a3a-a8126d9ace7c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39f39560-b091-529c-b428-1864cab5ed3c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32a8aa9c-7732-5295-9776-badb92c61b5d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd805228-ac61-5237-8764-60f2f982f57f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26677ce6-1fb5-5e98-8724-8c02ce573855", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b6f5cf6-8f6d-5316-b1d3-8d90d9cc3bde", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9a888dc-2cc9-5aeb-aa92-c04bfab4b6fb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f02a86-57ed-5ec7-acec-3919378e8f1a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d032aafa-6dbc-50b0-b937-5a16d535151c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c52d969-b203-50c9-b5b5-e7f7f6c72262", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c7780b9-6007-5f04-9542-83a623d0440b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6dee4e3-cac0-51e2-92b2-11b1c6335e58", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5e044ab-04f6-5bae-91b6-8559a0216846", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.1" } ] }