{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76c66d84-b516-5fe2-8dab-80048443acef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-common-openapi", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae61a152-1432-5275-97ed-44570d0cd334", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c754b9ff-570e-5064-893e-86a5e26d2582", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6b9388d0-3835-584c-97db-2ae5f1a83104", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a403bb7a-1c19-5580-8213-b5de2988b18c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b3a5ae9f-b4f3-50ee-8e03-072ef95d89ca", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2b1cc01e-39e9-57aa-ba22-2394677ce74b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f3cb3294-04dd-589e-beb2-84cb02a40761", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:73dd5418-85cb-5d2f-a9ee-28c0ded7a7fd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d01460ba-d9ab-5251-9c8f-99b6e67bbf13", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2fa1c341-b4a1-530a-a7bd-0d4fe28b96ef", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:837d2f3d-4a9c-5f60-877a-9c85dcf198b8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e1bfdd3-02e4-5805-9c2d-e1d62b73b2ba", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:888d2b23-6fdb-55cd-8c91-cb6cd7ffff26", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b669c08a-8992-54fe-b912-1d36f1230ea4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00e0b605-8c2a-5d9b-ba15-6bdd4e18ed44", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fdfbe283-dd23-5dad-8090-b047dd674638", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d43d9f08-7a49-53ce-9702-75b8a279c3cb", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:055fac34-65a6-5c7b-b746-4bff9e7ae6c1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:12ceffdc-1d71-554c-8a0e-22fb3b3040ca", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5eeb0e46-cc53-564a-b1d5-a8707612d773", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:758224ed-4c84-504e-9d97-50253011d674", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:398905c7-b265-5d0f-b2e8-0090c166cbab", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7776425c-7e13-5e1b-b793-069e3caeb643", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d53abe6f-cdb5-517a-bb7d-3aff74a55380", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3aacc87a-6435-5c99-9166-d4792c41c18b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:db22f2f9-ad91-53d2-a46b-53df838403d9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cda65786-82a9-5271-a485-fb34fa72ab33", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4263f738-b449-5e6f-9bac-3a9b3adbe064", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:652e7cf7-611c-506d-ad6d-d4df0b4e49c2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f5c3f220-094a-55ba-8edc-4d9b38775ef8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23722ac5-f4ac-534a-8bfe-cf5683cc5d14", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c033e2bc-c34c-5c4f-88be-5c1f6e5ce0fd", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.11-tuxcare.6" } ] }