{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:314ffafe-2f88-5c99-820a-4eba75653a1e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose-jaxrs", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0d85c1d5-9793-5b11-b416-aad187cbd145", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df220ff3-e3c1-556e-90bf-179a4bf72d29", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1948b2bb-1e05-5751-8698-03a577959834", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c005a1e-d66f-5bf0-9ca9-6af0f95efce4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:564b25f9-cb32-5bd2-8add-57f5e6847a42", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79fd2666-f7ed-5eb1-b870-17128dae1b66", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44a6a462-88d6-5272-9452-d0d7c7c4385e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df32c45c-237c-54ac-87dc-3124e014f81b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc6e1c11-7196-581b-878a-9ea1721666f4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4c426b7-4509-5d35-ab86-b0d1effa6b09", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2f88c0e-7489-56fd-83d3-55c05639fd5c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d6fc6c6-2ffd-5f4e-80fb-068259fdea62", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5856a90-48aa-5778-be7b-bede6a6b4f8c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7112caea-f425-55c4-9e22-69604bbf1b57", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddf7aea9-4245-56b4-8263-53aa09e41212", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad707db8-ad9b-5633-8c47-008ba7f7279c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3118f766-f00e-5f78-9e6d-d2f733156788", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:342ee376-6ced-5612-80e9-53cac444c02c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:494cfde9-294f-517f-a741-884b8c3474be", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21a2bbab-ac68-5418-a060-72f1bc773818", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d963202c-5c5a-5bc5-b0f0-652ba9617c6b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccfdf5eb-a6c1-50a4-8f4b-7c9a397dda70", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e8568c4-b5fe-555e-92f1-09e3ca943f30", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40663633-8903-5b4f-a8a6-16f377cf88f3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7bb5288-3a93-587c-8b0e-b773edc33502", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ac31388-628a-56e7-bc40-8501aef39d3d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d60433e4-977c-585d-8551-08026da1eb3d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af73eb49-98b2-5abb-aa39-f79c372ef49f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73a45065-70f2-5d69-9ed7-76900f1aab3d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7950aae-1a29-508c-ba56-09a7b943dcc2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b66f72b2-9468-5bef-ba91-45f5db2100dd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa232e30-c9f3-5bc0-8b75-00721f77a9e5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.2" } ] }