{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:917894ef-a1c2-5492-9a41-9d792abed195", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5f76b204-6df7-5bfe-9f89-d4f68251e1fa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32fd35ee-9ad0-55b3-be05-0e25465ef9d5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:28cad2f4-bb24-51d5-86e3-54d2672f5a0e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48c9c9fc-2c62-5c5f-8498-e9caab1fe419", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a47e4a82-3b71-5c11-88aa-6cf39eabf4e1", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd5b9335-a439-5d9b-9343-ccc9f20ea58b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a8e07e0-ba47-533f-b147-c81b7cc0ed2a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dbe0d260-2553-577f-9731-d950f9698f45", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a48c10ce-912d-5da5-a345-3fada64641b4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:acd71559-a2af-5fb1-8c0c-2c67cedda056", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2586283c-898f-5bea-8284-2d3f130ab8dd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb545b17-28fa-5bf2-9918-8597c1343d5c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31fc0255-a82d-560d-858c-48638a7ffc47", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b6cc538-630b-57fe-b549-68f7c7fe6c7b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fb731e1-1595-5961-adb5-ce195908c4ee", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64fa3b5e-7e30-5889-a42e-3ae9e675008b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ce85f42b-c206-54c2-87bc-fd11c4decd4a", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47cb732a-a31b-5648-8380-8ebc6edc9bb6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5579bc21-41ed-5846-8892-55f660c7d562", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d09eaedd-2f55-5a9f-82f0-398afb49be88", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6032cde8-af3f-52bc-be72-5553c746adf4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d40ce438-9858-58d1-a69b-26e1ccab4269", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f86081ef-517b-56f5-8d7d-a4ab5043da00", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99f0e244-0721-5f86-bb78-e6d065889f91", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:db0910c7-3055-5359-b43f-96a729afabe4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:805a2c30-69bc-5f2f-91f0-26a90093b956", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb104e32-7b95-53c4-beb1-33462916fb01", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62d3c149-1bee-5355-bdfe-b1b4954172ae", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:92b11778-5841-58fb-b556-b7be63c94514", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e94975e5-d72b-5c59-8e66-0afb21205a36", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ca6878af-cf9e-5053-bcff-277aa41b22b5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:877a822e-09d5-5e87-b17a-4727070b8bf7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security@3.5.11-tuxcare.5" } ] }