{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d65c8ba5-1dc9-5a2b-aac4-fed46dcc0ada", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-xml", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c0c1855e-6cba-5340-9688-8d09a7826b5d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6970f056-18d4-5333-a9a0-420141db6b27", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfda1718-39da-5983-92c0-93c19fe67d7d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59864395-1d70-5b35-b941-b8ccbaf6a8a6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b63071ff-85b1-5250-a549-803a1c753404", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a3c390d-567e-5c21-b691-a4ba1ab365b3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b8bb43d-aea3-5559-a48f-d8f787eee88b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:977a8aec-5418-5e9a-88ee-0ca872d501ad", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29a18dda-fd6d-5cd5-a841-6b5f191830de", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0c823e8-0d78-5bee-9f45-248191bd9711", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b48af2a4-26d9-5437-b91f-436978224b4f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6727b79-b83d-577b-a255-32063349c7db", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4533d2a7-3f07-5f54-afc8-829bbfca7b24", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e56515b0-054c-5b63-baa0-3cb98b57b4d4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b420900-0bce-52d4-b7e5-7dbf50012c83", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:109fe5c2-e816-5509-b6bc-f015bd4be680", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef530db6-8a5e-569e-afaa-b7085bff71d8", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a418e216-f4b1-59ec-adb7-41166b190397", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9eeadd2a-7c2b-55c7-b16c-d8046570d317", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37ef9660-5aa5-5e18-937a-7b54f6db685d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a9759e4-9697-5e2e-8eed-f5875547fb93", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f971f09d-33b0-5fd6-bd83-3d34950e24df", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aab5997d-c8c9-51df-aa83-520e0fa38cf7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64137479-d26f-5b8c-8282-8210b788373a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fe4ac61-cbd8-5a1f-ae9e-3529b627c508", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95613877-a9e8-5e81-9d9c-bbcf59d5a568", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28b87f35-aa47-5763-83bf-327c54f697a0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:200c6d62-e929-5a1b-be4d-ccfceca25fdc", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbf87a22-7cea-56d1-a040-c10e0ac21619", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f1c1c15-e1d6-5ca0-aeca-28e6e3c31cbf", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b8e9e56-6379-5b9d-9146-52aaa419239a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b355d889-f0a4-54d3-b92c-e18f23f2d202", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad648fb0-05eb-5cf8-b5d7-6193e00f5df0", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33ef9c75-ed20-56cc-a6ff-8d5efdea59c7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-xml@3.5.9-tuxcare.4" } ] }