{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8dc47988-cb83-5089-8513-4b4619ca630c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-microprofile-openapi", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:17390258-228c-57fb-a0ef-25b0da94f168", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6aa2979-f1a7-59cc-9db1-dcb6f439e16e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2680357-b99b-57eb-9658-7dbce5187170", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e98e164-cbfb-536c-ad49-74e1592690cf", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3be35c37-f1d3-548e-910c-3c926715529c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:015812f7-6335-537a-baba-cdb3fdf3ec1f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78231266-1b9a-5d95-a495-f43a6380e553", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d7c79a5-0c86-5016-a32c-a18f06030bf2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63925ee3-8671-5f8a-acbe-2a67040896c5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06996dda-c1bc-5c48-88a8-2ac744d47c0a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0f865d1-12db-53d0-b7b6-d22a7f585fa3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a94a362-7d0d-5369-a53f-37dc0cf0d070", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb79cbb3-d663-518a-83d5-71fece5fcf68", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93feac8f-e5ca-5ff8-ad72-e34acf4a5f9d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5c55185-48cb-5f76-b52b-897c69cbff85", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07e00168-dc00-5f75-902a-59a5d5e95904", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bf2a6bd-e0bd-552b-a7da-12df854f9923", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78052c2e-5513-5c4f-929f-5540f0ce7b5b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a719674a-22ff-552c-b19c-f33ecee6df19", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22a4c909-4a01-5148-b9c8-88488909d2aa", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bba0db01-3170-5673-bcae-b89edb9f5e74", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18550148-76a7-534a-9b1f-008b2d9751fc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89ab0118-f953-5c48-8ae8-9178e43d6f84", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b45c81d-aea7-5826-86ad-ebfdfaac83ab", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cee21f3a-e299-5554-9a05-48298947efb6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27ee53de-8135-5649-a8d9-b21f9fb4246a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09521c7f-1d37-5d93-b0c4-c699ad509b96", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4e0f0b0-580e-5183-9e7c-1a76f0e21b87", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8578e98-d058-5129-afeb-f02f76077113", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e42f9015-041e-5237-a38e-65cc03ad2df9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a48ab6db-7c29-59d3-9953-51f81fb9c658", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85be90e4-9604-59c2-a566-e20fb5c5ac64", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.3" } ] }