{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d42f2cdc-9279-5b68-b662-fbb46cbb66cf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-openapi-v3", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1e303cbf-9228-5689-84ed-fd80d8902ff5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64a401af-4bdc-5530-9d4e-4c18acc1cebd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc75a166-7ff5-564a-9b7e-31899032e745", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe0b22b1-097d-50fc-8313-7af1dc38da66", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b37473a-36e4-529d-9fb5-7e4c47f52f7b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8a66ec2-aadf-5f73-a3ee-7d186ec06da8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06246e83-b13e-5c28-9396-467342ead35a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79a549f3-99d8-5b3c-99a9-b05ff670c297", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c4a5979-b5bd-5541-9e26-f21749bffc82", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbe15441-78a2-5177-8dc2-16e202fd3255", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b3a01b7-45b1-5361-92d6-8ae0cec08f65", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ee990a5-aa31-598e-99af-047a4f35a28f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7043253f-9849-5478-93cb-3e1dfe58b58b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20f6fbe3-f6c7-59b5-b096-493d559d92f2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3797031f-6eec-50ca-ba2e-4a5f93debadd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24253bdf-a5d2-5aff-a951-412ec0609dd4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b5d9fca-a148-5da9-954d-a6e0d9f7af25", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eef90895-c710-5854-a04a-6f92c02a5bf3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f62115b9-1269-5e5c-be68-40841e4bd295", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:593db9e1-5560-57e3-a0fc-904409d25f25", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:326f1e49-05f3-5f44-9ca8-6e04266310c5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b38e577a-d429-5d3f-b5b2-cdd0534e53ac", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9a2f5ad-1374-5ab8-960c-df2cc0375f29", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64a268e1-fe75-5e19-b7cb-67a4deec0c72", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72c7bf29-d81c-59a7-a274-1071daeed985", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36c7c515-6600-5b0d-8b48-70cac8f782a2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:817317b2-10ed-574c-977e-89c7f985ccc2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:304b7be2-509a-5d08-b4f1-39546e6376e7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec3d30c3-75be-5254-8fa5-746c016b540c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b58f28c8-4609-5315-9df0-e7acdb8f11c5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cffd0f9-c84c-5230-83e2-09b7a0e1e839", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e69b3acf-f8d1-58c1-af55-3e83ca6aeac9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.1" } ] }