{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:293f224d-67f1-5e97-8f0e-cea07a557df7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-common-openapi", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dc2df447-de16-54ed-af41-6b34016b9d6d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0c29916-7a23-53b7-84ee-2826673d62db", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd893cfe-3dad-594c-9cce-82af9a43c951", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70c53249-6a9d-5fbf-971e-e507ce2f4ba3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2679756-2a71-5240-b37e-0382a1fd05d6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d46b6281-2154-5447-943d-dfcc0625330b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71f9c231-fc75-5e14-a49f-663c950c73b3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afda70bf-bfd5-593b-b709-9d7354958389", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8a862b9-79ab-5c55-aadc-e7fb6adab882", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c6038fc-4606-5f15-9a78-54ae0bbdd2f3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbe64b70-d54b-55a8-8098-3ca31fb1f088", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1760e235-7888-5c45-b98b-3d3ca513b56a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53cda8ef-76c2-5de2-9f55-eefa1453769e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17153547-0f85-5013-a3a1-87dc5f958254", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1f6910e-df56-57ab-b2e5-c4a8e8af2217", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb78637c-44e4-5feb-91be-8c525299a0ad", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0711f97-567d-5fa1-bcb2-ba551bf6970c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6d94cb3-e669-5d90-a328-050d66dd0058", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:882736e6-c70b-566a-b06d-0f084b8a012a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9fc01c6a-2c03-50ec-87bc-19a25b834e9a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d59e5c1-4d0f-5987-986f-2bafe81622fb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f454f882-0c41-5386-adf1-898fc2c30d4c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef2ab565-7b6b-5c4f-80bd-2756f33b43fb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9cb4c34c-7b8a-55cb-8956-c2cb0263b897", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf7e3809-3115-5575-a1be-85f406351549", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fe50ac9-04e3-5401-82dc-907ddd97ac17", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0506b24-7029-57a1-b411-bb92b0b76218", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39a9cb5d-0202-5ac9-854b-9e55838744a3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8390a18-5d57-560a-99d8-a5290df6a734", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62d0ebd0-a2f7-5125-8650-0eaaf8d1ba5d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abf6f355-9a52-5bab-8528-9d8a2a611b20", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6155f94-8a3b-5a52-a653-6561c43dfb40", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.4" } ] }