{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a4def19-fe2c-54ff-98b2-73e8ce25f85d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-xml", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:02ffafaf-0e9e-5006-ba3c-26b0bddea16a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bed6f8fb-fd98-5aac-aeb8-8083d4629fb4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9adf0f6-393e-59ed-ae65-5696079149ef", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2a45285-f5c5-583a-993a-ba525221c28f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27f21712-873d-54f7-87d1-990f7f7db504", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eff57366-0815-5f33-97a5-98b063f731c2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3ea98ea-613c-59b2-924c-93505e059e14", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:218f1b4f-4f84-5401-b16e-9f16ee143db6", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:364e801f-0596-554f-8fd3-7a4416407d14", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f48d2379-9df2-592d-9150-2528c5cb510d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2fe09ae4-5fcb-547f-9767-7ec3d0a4a5cc", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90868cfc-c510-5b96-8b12-ed6ae913fb06", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:58c6cdb2-cde0-51b2-882f-2c6927a2c6c7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ea35616b-0e66-588d-8756-1f6ebe1e1f7b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:208ae486-9353-5edb-b53d-094b502b4a48", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94b23012-bd9c-5422-b672-4fec59c4e026", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bc709d7-1877-5015-963c-7373a0ee66ef", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c18de7b2-84cb-564d-835d-c106a1674cbd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5deacb41-5462-55a6-978b-dc3c0895ea74", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3fb270f7-9f5f-571a-9863-86c35a4fecb6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64cd448a-d403-5e84-9bf0-663737c97ec4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bd59f22-7cb0-5b0d-a3bc-825249650e2d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:287265a3-9e50-5926-9b27-244f06ac9a3f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b686346c-83f6-5f95-afa3-443739ff4733", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9cd5ce45-5a9a-5751-a9fe-62b978046ee6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee56a6b5-e3c6-59b6-9f82-c1ac20478bc2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b45f298e-87c0-5bdf-9ac7-ae7f117e0fbf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6dce6e95-8c47-5ea4-85de-aa38b2662ee5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cbd0c00-62d4-51b2-8386-6dae81b75bd4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f55eaba-1ba4-559c-9e50-2e581fb9c9ec", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91876613-1f74-5348-8351-5098ea9fd4f8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b279916-a5fd-5ad4-9811-e48987bb9451", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.11-tuxcare.5" } ] }