{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aff6fe32-c710-56bb-b37d-cf38d5294ab9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-openapi-v3", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:541959c1-5ece-5457-ac72-041a83b6512d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3e9d087-ee22-52f6-a9f4-744ea1dfbe49", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cea2384f-e1ca-590f-acd8-441fbf754d01", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ead98378-f58f-51ab-baee-6984935fcd99", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c61b10fc-6574-55f3-a2da-b298b0160945", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ff797bd-6e1d-5775-9922-c1210f07972e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83a98b69-4c0a-5802-968e-ecfa3f8e61f2", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:afee216c-b6a6-5562-b51a-0b3c384434a9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f5ea32a-df16-5bb5-8982-f3a1d41c54f6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef08e111-3496-5d71-bdc8-a4095be13394", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b33913e8-f826-51d4-8b90-97dea21c5473", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa9785f9-05e4-5ede-a0e9-d49c2bc29e3d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5e60444-344c-5c21-8af2-0f425899b99e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f0ffbe6-fd53-59fc-a52f-686f7e09fffd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ae0db26-2c62-5d84-b4b1-6a6f60e96d5c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8335fad3-1d93-5125-81c3-447179a6b1e9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30e08440-e45e-5da7-9f93-2343d3f8354a", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16fbdc70-f8f1-5580-8d8f-d7f458c19d3b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bb5cc3b-4e13-5205-9acf-1ffe2dcfe701", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81082492-fa7b-59d2-bb5c-1e7739318ca0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:562da665-eabc-5eae-84ee-223e77c545c5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f36454ff-878a-5692-82a9-d6a734786694", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:290bc5da-90b9-53a1-a0fe-3c1d0ca493ba", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb7b6b14-dd70-5fbc-9e04-cdb60d701dce", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bff8e076-7e6f-5a87-8968-c8f3c2875153", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca6c4142-7a5a-5e63-bf28-893c66d89502", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc68197b-7df9-5168-a05d-b1fb65816f92", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5252f79-1ec7-5c2f-aa79-e3be1afc5929", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d94c74b5-a8d8-52d9-9f3c-323adff46643", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e021628b-f055-5f5d-91d4-3ded7ab6d9a0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51288c7b-10e9-5aea-ac7b-9c0fe20e567b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2be07d2a-442b-50b1-828d-66a0c63104e2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.3" } ] }