{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba3402be-dc76-566d-a4ab-50a857d6b64c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-xml", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c75a0b6-3ee9-5103-9a48-7635afb1a1ec", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58789987-36ac-59a2-8fa1-213996f44c1b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7de8664-366c-5175-a960-1c3d4f53428f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3dad554b-0d32-5484-a41e-a3602ac953c3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b700de3-a09b-564f-9ceb-5583e6664c75", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88dd8275-2865-5bc4-ae4a-b4bfcb5b6f71", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46c03363-bf95-5cbb-b85c-5ee45818473e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b752806-ac69-5b7b-a32b-d237d11ce86b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57d1f007-e38e-5c00-aa05-8a3dc6f09aaa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74ced9af-2f77-52f0-9183-384a5271baf2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:954fc389-ca9b-548e-b5ea-452869c63dce", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dda7460d-303a-5216-99c3-ea5783cdc798", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6c52c84-4777-5aaf-b860-6cf3dcce3a64", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd82d773-dd4f-54af-a4a2-c8cc15867afb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:948623af-50ba-5a10-b090-bcdc0e9f4446", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:491b83dd-91d9-5143-b7aa-2e2531bd276d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd6f7162-281e-5366-8a05-43346d95a921", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ba1ac49-be0d-5979-8e7d-133c682afb09", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa1c441d-5964-58a6-be83-4a7db308d22c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a24b8dbf-87cd-53a4-b29f-581e67ecb130", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c2f7587-d7eb-5567-af90-792cf225e5a9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:494a16dc-7dae-5620-bfe6-da975897ab00", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19ebafed-f3f5-5fe8-b55d-7f76c3a0ba77", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cc64a05-d6c2-5294-a57d-5d9d32ea8889", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d93d144-55af-59f1-bbf6-5d8744313642", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ff646bf-07aa-5659-9d60-feb6a5a27c99", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31a30017-a71f-54b7-8d9a-23d44249e16f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23d0c819-887f-5778-ad0e-304a29924507", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba8d441d-f477-5c50-bc94-97437d5a865c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02e624d5-7dc9-5d6c-ada2-07ec51625e6a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1db4ae0b-3b6d-5a6d-be85-75bfb329b0b8", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:029e370e-1fc2-5156-9100-0f0eaaca6ec2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f722aaf6-336e-5ba3-9992-d567d4c4784e", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d61085b-7039-5306-a23e-e32ee25f0953", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.3" } ] }