{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e12a8e35-d075-54ba-96ff-15c668bae22f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-xml", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d603d2a-7898-57e3-a43f-8872a9849eb2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44e83e9b-ea53-51af-9715-7b75adc2b92a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ff3faf2-2114-5ef1-ba3e-16a375caf5af", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25971c32-db14-548b-a3d3-ba2c1c4885a3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fbf94f0-e846-539e-82c3-077a1d331449", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f02caa07-3be3-5e83-8e72-dc357225145b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d338a3c8-cbab-51e1-849c-b99b47f0e731", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f912f1ae-c957-505c-b333-1d7191d6cb4d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:057368fe-c521-53c5-b1c7-b362c19002ef", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd584460-ce76-5d9e-a613-30e194fd5c70", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b87ae32-9618-59de-a7fe-3a84426b0cc9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84159592-a1b8-5a85-ba0f-f9ae9f2c5e39", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:889a5a72-1699-5bee-9f20-40e79cf7052b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fdbc1d4-32c7-57c8-8667-96171a9fb6b2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd72aa77-45ec-5db8-8c0c-505fb2aee442", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f629f55-2b46-500d-8f47-98afbca304cc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef66be70-1824-59d2-867a-a0e1609dd145", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b4c915f-402e-50fb-8781-84927edea018", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51a22526-eac9-57af-b900-4859cd6e774f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c65dcc2-48cd-5356-ac5d-ce0bd5890cd0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17f14179-7211-5478-a6b1-ae96f2fa51b6", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d4a2d76-9cba-50e8-9942-9941b73a808a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4199910-c829-5e15-b4a6-ec2855f4bbdd", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d09902f8-ccb7-5a7b-886c-584b90f82e6c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e31b30e-2d48-5571-a452-686851197c03", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:995f0b4b-c888-5b71-b803-8b95157628a2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba0d61a0-71c6-51ed-964a-4dbd71071a33", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f536d21-19ee-5792-a79f-2f17d5f53245", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3da38a57-12c9-5d20-ad2f-06494c99da6c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a1132f6-638a-5487-8dc1-70a8692b6ce3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4cc4fcc-93cf-5802-bb39-e1221d6c07ef", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ffffeaf-ae21-5c8a-9468-b80a98071094", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.4" } ] }