{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d1f3057-2cb5-5a28-be91-57228c058fda", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose-jaxrs", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8d4b67cc-189d-5170-af81-4db8f10fb889", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7dc48762-9fd5-5727-beea-acf7ddbb02be", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36762257-e5b0-5460-837c-53be02c65d31", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05847f46-cfab-5525-8e9c-55e1b6ced986", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:520cf930-e477-51e1-a4e7-56fc2956cb09", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:402f58bf-d32b-5083-96a7-1d7c0389a8f1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8426281-9404-5fc5-807b-92c334b1c106", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1558fa90-333a-5c6a-81d1-dc49872f7949", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96dc1ac8-a70c-5847-a6d7-5b01aa995218", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ed4e6c9-20e7-5776-95e5-9a600f0a9db6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbc88d05-74d5-5c68-91f3-62fd7ad22c70", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d62ec2cb-778d-51e7-9d61-a0c40950ee05", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b895deb-b344-5aef-bca8-5ef9dce2b146", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47a3d465-88c2-57b6-bf2f-e1ad12aed9e7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa9e47ef-5a18-527d-b11d-6ddf5b0d7e8e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1cff89c-315f-5ab3-bd0e-e4708b82e5e4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a51da37-2e41-58bd-bacb-30f1dce11278", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c5c7042-3f4f-5912-984d-7446de0b2efa", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32efd770-946a-5bd6-8b01-6a20f297423b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d538161-ceae-567e-a6b9-b6b051f655e8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80d81fe7-5e9f-56d5-b94a-b42b767107c0", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8e78755-0638-5f64-8640-a901c362fb3c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2c2b762-6646-5059-8139-e2b81c8fdafb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:505143a8-014e-5e56-94e1-34386e8156ea", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:709d616a-ee29-53ac-94e9-91cbfd0185fc", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e8dc995-646e-5fbf-abb0-a8ce82ad0028", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d91f39bf-daf4-5f44-baab-38660efc5769", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5637fbfc-5b4a-50b3-99e2-8edea8f1d161", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98be2615-f214-58e6-9484-a9990222c98a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3574bd4-39cc-5cb0-a9b4-5f0bd2bc8c4e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bd8722e-713f-5e63-b169-fedc6c6c9907", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b857d6eb-b73e-5ab1-b647-5529968decdf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.11-tuxcare.4" } ] }