{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df132ca4-7b1f-5605-8840-80fa9663f631", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-common-openapi", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5ae2b643-5534-58bd-b1b1-4423cc3c7395", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b078761-c47d-5620-b2fa-2e6fd1ebdab9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3b15fea-514c-58ea-afd3-e50a95e4c667", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e14e027-7673-5cfe-bbae-57e81bf41f89", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70e0a9f3-6f9a-5f7f-81c3-12d959992b53", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25be8730-6fe1-534d-ab0d-8eda933dec04", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e80d46ba-c6f4-5db1-99c2-182bab85f940", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82bbcbd7-2e49-5619-82ec-95ec30981fe2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4c97024-bc2d-5b66-81ea-8d7dac4a23f9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dceaf26a-37a2-57ca-9135-c2191aeb9561", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca7bf430-b8d2-560f-9d57-3507bc30987b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:516a3572-a2f5-5873-b7ed-deac116ed532", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2aba9b63-f3e0-556f-a542-1d5816d864c8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15088c2d-56ab-5569-8a69-7a394f9b7fd6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9ed437d-a3f8-5ed6-926c-fc813fd8e74a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36c39100-30ee-559d-96a9-ae228b1f0d16", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c78fe130-6031-53fd-a747-999fb9a5ffc6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9bc65f9e-bc65-5dde-9604-c1db3b264a05", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93957603-85b7-541f-b291-46e3762a6e90", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c37456a9-8291-5b81-beeb-3012c870388a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5a9d4c4-ce51-5822-954b-d31b883f5284", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83145f1c-ca42-5dfe-a351-7cab41739b53", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96289ab3-29cd-566b-8a84-ae9bba92ab95", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0f9d200-79cb-52de-8ba4-99343b10c921", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cce35f93-3820-5fc3-87de-d00e1b243d9c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d8ab197-b98b-59e6-b229-2495d6a1c75a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8dc2ad7-89bf-5602-9187-3a8fc3606359", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e7714ea-9dbd-5d21-8749-8ad6282a3fe2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6db00983-20ac-5e80-997e-99bfcd6092e0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2638e10e-57fc-5140-a4d8-0d23530dd205", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-common-openapi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c3cc710-f586-5e1d-af94-0e7709ea6584", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e41f58fa-c3a4-502d-9c20-73a05a0d882c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ead495fc-54b0-5c4c-82ce-e0aad38d2cef", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9069c8e9-e843-5ecf-baeb-364dfd037d68", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-common-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-common-openapi@3.5.9-tuxcare.4" } ] }