{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:28bf17e6-cd1b-50ad-ba3b-1dd8fd02c2a7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose-parent", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5393de45-ea0d-5c70-b1bb-bc4ff1c11963", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc2e6852-725f-5eb8-8482-61312594fbc3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:857b971b-61b6-5b26-a8bc-8bd86f6e7c39", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b79a530f-99ba-5d6e-bd54-217f75431dd5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b479a547-88b6-5dca-ae63-f295d8e65bc5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31cf3520-fca6-57eb-887e-32ced8ef30b0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb5e9cde-3556-5cf9-aab4-a43587a83842", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a08ae805-f1a5-5ee7-9c37-d2bfb7498844", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5284b8f9-ddaf-5306-a039-798a1facc6b7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e15916fa-5da5-557b-abdc-b46ebbc0b011", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88f89cfc-40a5-5c8c-9597-ba9ce7462143", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5580fd2-b7ed-5019-bc0e-37c8c84c1714", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:182d5ba3-ab4e-5ba6-9ffe-a0e74032b8b9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcff310d-e88c-5cbd-a199-f1702c4719a1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2393089e-5dde-5f31-8bdc-a2cc162146f2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51288880-99a0-5528-8960-ca34dbff4944", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6bc248d-27ea-5c59-9931-61e393dde290", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf8a3895-fa42-54b6-b759-45d85d5ca7b2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a787d34-c928-5264-a261-da4e66671b31", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b14268f8-8e9f-570f-a09a-744da816fa82", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45f2089c-e07b-5ef4-8ef1-ba76447a1dfe", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8918242f-20f5-5919-900d-68f375922477", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a75ee30-ad10-5274-80fd-ca7fa1712bad", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0aea2559-7336-5597-ae99-e50579192173", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7472a5b6-d9fa-5f07-a4ab-25c0a48d9f8f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb4bbc38-a3dd-5725-812e-3e0700434a65", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a582d62-122a-5d29-b19a-49cab77eaeb2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72cf99ca-0c4b-5e9e-9fba-5178cddff931", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1e2abfa-cf84-5470-8c83-06a7cd626c0e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9809d275-cc54-5bb0-87da-6bbfd5195116", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2b23855-bec5-5ef7-8b1e-fd6d90d276c8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f3e6492-92b5-581a-9c0f-fc2487a5f4bf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.2" } ] }