{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a11273c4-b67d-5bf7-b2a8-7a5f317df413", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-cors", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4856155d-396b-58a2-acc2-56efa4ad0553", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04fef768-a737-53b0-ab3e-d927cc09da1c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53ac8022-65ba-59c3-a58e-6cf3c95caf7f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1ec8ed5-4b32-57d8-9936-91f2eb8e3aa1", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f66e4eba-c85d-56b1-9653-5501ff7dcbac", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5961b1a7-92a2-5807-bcc8-7a103d30f104", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:577a033d-eb4f-54b3-834b-87f1a621a24e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5d962b5-04e4-59fb-a91e-a8e63d6f0138", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:641105f1-dcb4-5c9d-b192-4ba0973e1bf9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77d4aef4-3110-52b5-a2dd-bc43c5a5c3f5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:854d82e4-f279-5dc3-b06d-047b4e9f19de", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a32e8a62-e771-5491-b166-006407a9218b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36feff63-4afa-5424-b8e7-acfbc39548a2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:518ac675-9d57-528f-9851-61db86836e54", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef36682e-5d19-5848-bbe3-95526ec19cdc", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20f9c6ba-df70-5320-b980-01ebed8c3049", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8645f3cf-ed9b-5997-83c3-115173354771", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97cffda7-5ac7-511d-b3c9-be9a53453baa", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c7e43fcd-c704-54d9-8f87-a736a4df3905", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9a5310e-3ee7-5449-ae6b-3e18cdc43d28", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b86d974c-178d-5b57-a453-764d3303678f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:841e3222-e3bd-50b4-a365-cfc8a5e90a1a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac7934c6-5cae-5cca-bde3-3d86f4f9a743", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4cdaae9-598e-5cf6-b31e-d7b70f1bd033", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1587e10-5838-5525-a984-77e0ff3aa5ef", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:367b9188-536b-5a05-adfb-fcb78cc25174", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9150f086-0f59-5928-a121-76fa5fbd5c45", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39121d30-07fe-5cdf-b341-93c5dad5b116", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd64746a-7db3-54b2-b203-c6a500ece01c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65cc2ae5-32e2-5a93-b790-f8cc0e01fd1a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b223d07-6302-586c-8692-c6e843aed14e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31fca540-0f92-589e-9e14-2e3273cb4b17", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.4" } ] }