{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3b36a39-8b85-5753-b299-245e0d24ac51", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-common-openapi", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5fd66564-fe2f-51a0-8031-bd7563ff8b56", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7582a55-cdac-5a46-817f-95475f06b13b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f61f879e-706f-52d7-9551-5d7615663213", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53bdd908-f80a-5666-ab0b-5f9ab4573902", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:853a1815-4853-545d-ab5c-10ab4a48ef82", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc05fde5-38da-5f71-ba7f-1f4d7777d2a9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3817fd9f-f8de-5d59-8f5b-80edc2ea536d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c99d5b3-6c04-5052-b2cc-114fa14b75ad", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc5bef66-5e12-5537-9d5d-d11e7bd9a256", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b93537e-73d3-57fa-a661-356454d5a1e6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3864fab-add0-5fa6-a684-a66cf57238af", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32679e99-bcd6-5ffd-a677-78071588b2d9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b61264d-617f-5e6e-91cc-ae88a790d487", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af2e697a-449e-547e-a2c0-0ad800bb7119", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef8508cd-0e76-5186-abe3-98e2ab25418a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d224020-48f0-5634-a3cf-de2176764632", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35d984ad-93d7-5daf-8c2e-93b866d13ee0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ba0dfb9-fdd5-583b-88b6-23a8e73726e1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:326297e2-4823-5ddc-b4a8-ca252bc796ef", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c289701b-7668-5599-893d-136f9e81bddd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:372a955d-c928-5b61-9e37-1e1a9aa911e4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3d12395-493f-50ae-8a9f-0e1e82b48a09", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5177ca2-434d-51e9-9386-13a23e8b9c66", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fee5c0a9-1e35-5122-9a71-805bfca0e159", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5686b94a-eb7e-5788-807c-be39bccd8841", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c99bc7e-d252-5488-99d2-3993e887504f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:797fd4a4-cd39-5ed7-a4d0-5b066eb4091f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c2001c1-0068-5a48-ad29-2505e1d0c20d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fc7bff6-daf4-5783-b91f-131178e3dae1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbe47e45-764c-5b9a-871d-953addf51395", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f8b8864-62e8-5f20-8d5e-dde5692aa2a9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b7ae2e7-95cc-5022-940d-ae0b39276f30", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2fe8829-0b0d-5dc7-8d83-9d3afdf94201", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73a63c6e-9d12-5db5-8086-ebc8ff53bcb1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.2" } ] }