{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:36d79a62-45ff-58b9-8e56-e4ed89bc1f7a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-common-openapi", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7fcafe80-35f0-5a56-ad4d-c3518d653d68", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5d84654-4dd7-5fc9-96ce-1879cd6909bc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82af2c0e-12bb-5c30-bb41-3aac4c64619f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9041c2ea-ee2e-5fa5-bdb6-a509a88c213a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23edcaa6-e4f6-5c4d-a28b-8e4c39935d62", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b899941-5171-542c-be8d-a6b52a250285", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b999e321-c99d-53c2-8c01-d17e73f760c6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:706317eb-531e-5b1d-b511-245339fda42f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9afa927-e514-5ca6-a42b-4f250d39f792", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1674d4ea-48bb-5f2c-a1b5-4322ca9201f8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8b17f09-a9cd-5560-925f-c999646c6ed4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b8d622f-c259-5c03-af25-76af58ff01e1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83ad0cb6-430d-531f-befe-da7c6d361508", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c3a0b8f-97a1-50d4-8882-2e81f6c7fc72", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d1f6e50-c1d6-5bc0-834f-325760095e3c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8ae1ca7-71ee-5251-842c-d8dfa1736d67", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8770766b-4e97-57f6-b9c0-04b39ee508dd", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7963ffc5-ceaa-5b82-806a-a3e02e415118", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e158c9d4-27e5-5130-8088-57213269e5b8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31a043df-791f-51ae-9bb3-847908ad79ec", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:121df3d5-25fe-5430-8580-f9c7b9223ef7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d60d6d56-972c-515a-87ea-19c0bdeaf63c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8084d99e-815c-53f6-bd7d-0d86be596acb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bacc5982-1eb0-55a4-bd8b-25f3367ef509", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29be91ec-7edf-5238-954f-292a7aff3729", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a02a2b7d-b7f6-55b4-b0eb-28b315f659f0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6eee1f6-434d-55dc-acee-0ec07499594e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bd9e491-acba-5018-875e-8737e1b215d3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be3c38a8-6d0d-54b3-a82f-a12ddd87ddc2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9d62772-a545-5a20-bf99-556580dac2e0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d01bab5-a227-5e4f-a3d5-49f4b0372d4e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e3b4462-41fa-51f0-8331-978e014eb72d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.3" } ] }