{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f6f57e1-8e32-5ad6-9c9f-d4dcddb88ec8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-cors", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2b31eb1b-6b3e-5ce4-9785-f9d944601175", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0af41885-572e-5d08-84c3-eedbe938cd73", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecb79a18-1485-5e6f-885c-38748b99ec6c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa1333ad-617f-5014-ad3d-8d302e917878", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1e35235-1940-5e5c-bea2-19d6d8ae0479", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8cf40eba-4e68-54d4-88f9-8f6ff060220f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9c1a7f7-ff68-5b49-bca9-cc5e9224f082", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf81b61c-799d-54fa-b63c-aa1e44e60e2e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5284d7f4-6235-524d-8430-77e6570b10bb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6fd21c9c-1a80-583b-81f6-e4f223740913", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cefea952-1a6b-5a92-b667-b5a7ad5ba301", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70062b5c-3a27-56c0-aa34-32f3ba7fa00f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94236ec1-f962-5861-954a-00cc3a708c10", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:884c7920-431e-5ca6-a877-825bff1c8f65", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f83cccd-c82f-5734-a693-022cc7b3a497", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af289600-e851-5fd3-824a-2204326aa4b3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66bec507-6d0a-582a-a50f-702a8498773e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d399eda-dcff-5459-9d47-f935ea5b343d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:926ea137-fd54-546a-b9c3-b4ad54623da9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:030fc015-8845-59e0-8b71-b5248baa4ef4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffae85b8-986a-5ebd-aa67-b93cfded646b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96f537f5-fa60-580d-9e7b-7a8dfcdc21ab", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5afd8014-5105-5dd2-bad1-509966cd32b9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4dfc0e7-7316-593a-8d84-ada233ac68f0", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3ecde4a-9c73-5aa7-9363-8d543fa2c550", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22ab60e3-64cc-5e6e-90eb-9d86997a4131", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d05b28a5-51ba-5c6c-a2b0-40d96a308a6b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:377b02fc-74c6-5549-8d44-89a0a639df82", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:779a6a39-0999-5c35-b779-910b068055cc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b1a7af5-1260-520f-bfae-410771d18a2a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06b6406d-b335-56fc-86c7-3c4a058db653", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87c6c03d-80d3-5934-9614-b2862583714a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.11-tuxcare.5" } ] }