{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:034cf240-cd1f-5484-91ee-9c6842546b0f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-cors", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d1482060-c4fa-5c42-94be-33116e6aac21", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34f43d30-fc6c-5755-bf8c-bacf41d772e6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ebae943-f988-559a-ab3c-960a569f67b9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98218609-13cd-5ed3-9ced-bbe4eb26ff25", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e60f665b-f899-5ed9-89a2-6064dcaf01a9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:634c4949-5371-5a40-b192-9751345edfaf", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69dba232-2623-5fb9-a22b-d88e10166cd1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d019ac3b-992e-57bb-8a3b-4aed64b9de39", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ba4b8f0-56ab-5fe0-96cf-125c20cfe957", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49ad28b6-0c27-5c54-84a2-046e5c7ddadc", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ff830c7-5fcb-53fb-8844-ef30f325f650", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbc85d6c-075b-51c4-b8c3-a0546e7cc333", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c213ed00-d14d-5bf5-aa63-e6843a1d4408", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73e02e0f-e0b6-5882-b6d9-910dc1ca8559", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acffb109-8494-5f63-9135-4b7db47006a0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34a276d3-d3a2-5772-97e8-cef2f63c7b5c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c1ccf13-e314-52b3-a2c2-12c50c21ce51", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f1f82b2-b87e-5881-9da0-832443a99b09", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6569db66-9b99-58b7-9355-a1c6dcedf23a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fdda74b-b970-5dbc-978b-645a78e4bb86", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5249272c-665b-5a53-a51c-d6e409184fbc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5ddfb9e-e431-5955-b21f-b3a5c9db6011", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57d58e11-ea49-52e8-a747-9879133b0a1a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75290697-5f4c-5d72-8842-49832eb5ab60", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e7cda3f-0890-5420-9b16-8f7d6e50eac3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac5d1c95-d128-5dd1-8ca7-4940d04ab37b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83e086fa-06be-55d6-ba03-da1eaec6eca6", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c434cf75-e563-5090-a827-ff0c41515ca6", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f201d24f-8c3d-5ef6-81f3-643d3767f8b8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3e4716d-ce06-5f79-8045-85828de8a927", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a972098f-61cd-5b55-898e-0d02af1c8055", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f1443a0-da8e-5364-8edf-0a7b87793969", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.3" } ] }