{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:09d3cbd3-039b-54c9-8981-42e7f5a7e343", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose-parent", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9179518b-d169-5c1b-88bd-21b365d900b1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5e8ce19-568a-59f6-8ef8-9fc29aac60f5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4abab40b-f2b9-58c0-9773-de02ff922c08", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd1000d8-0ac2-5fe2-ab2e-2eca641be949", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9870deae-6977-563c-a6ab-cc7388277e35", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:902ce9ce-8335-54c8-844e-b779757be456", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f522bb1b-6e0a-5241-b133-e041c2bbc9c6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1eebe908-65bb-5591-9598-43ed3c83ad7a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60503492-f1cf-54ae-a10b-89f9011788d7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de93bcf3-9d87-56f6-afa9-b441e995c708", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:448b3ea9-ca11-566f-ad87-f2e7072c5142", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94f72549-ee76-5d2a-9ee4-66d4094a0bb5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9e3610d-2805-5b5c-829a-dc6eada74f5f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:452ad3c7-f3e9-55a8-be32-339ab10e0c24", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e62c19d0-6b6f-5510-bbb4-78c4ece7266b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ccda17bb-2817-5c16-9492-d0c888ab02aa", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ccd87a1-1f2c-5e12-ab68-cb6700c75003", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:628b2d33-3a91-523f-888b-7c7dd47babbf", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c6c2e7d-5210-515c-9f47-2b3dd500ce18", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bc09082-1503-502a-8790-30705c4308f3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7935d211-ba1d-53e1-8e8a-6e134ff618db", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad8cce76-f494-586c-a030-792fd03cff57", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:009c5e2d-4789-56c1-9b52-627ebae728ff", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f399e395-6979-521b-997c-e264154bab44", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bcee42a3-8e39-5451-bbd2-8b2e02d2ebff", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8eadcee7-7d8d-5d9b-9fa5-9ace7bf302cb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08eac8b1-8bcc-5723-9eb1-7c8b3490d9f4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3041042a-2bde-57cd-af97-0edc52fca45e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51ab5ad1-e3b5-56a9-acba-0ada25521c45", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81bd1117-f4e0-5d74-9ce3-e0cb303576c9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1164c6af-1eca-55d5-8cd9-6fc98aebacbb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fe5545f6-4add-59f5-9bd5-e8c3e7c7f991", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-parent@3.5.11-tuxcare.5" } ] }