{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fb3c77cd-1691-53d6-aca1-e5b3c5fc5416", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-openapi-v3", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8e26a198-65c8-5ccc-8f31-831dcec6df7b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee2abd21-3eca-57df-b37c-2101a48f04a3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dee5488e-3903-533f-9999-254736a437eb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a02d82f2-66ad-5f50-b9df-2c448f07a99c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:901d46c4-cd3d-5de5-b225-a5c42fb98ede", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7c7cd7e-8646-5d4f-817f-9848b88b420c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f65befb4-e57f-58de-bcbf-99c8c23db9fa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9b51e60-0145-5a35-91be-86561a0a9882", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22d7cbd1-0d60-57bc-8526-8426c9097c77", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46d8752d-e124-5879-9e74-f1ce1bf2d2a4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cafa4e0c-ac7c-5f61-ada6-9bee3ab635a0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac62fa27-8334-5b33-b022-750b41fb79c3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d81d96c7-73c7-5a5e-8588-d56003ce00a8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:533822fd-00ef-536a-98d4-c7754c713832", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05881dd5-81e9-566d-b7e9-e27ad546c5d5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:267937d3-5046-5291-96a4-1fd8e56d0534", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e9700f4-532a-5ff3-8672-06c3dd4c96bd", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3b95d49-46c9-516c-a718-7003222d6687", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4acd0373-8539-5084-a5c5-92f046706e69", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ee061b4-d50a-58d0-982b-1718b94cfa8b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37a82227-ad67-549b-880c-247a6252c099", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0628196f-9356-59f6-8ff2-8683f24439eb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:073c33f9-88c4-50bd-bd3c-7accca845895", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d9c7156-690c-5198-8636-b59e8502433c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33e65e20-91b4-52dd-85d0-b946351d022f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b050870-0e51-5dbd-b45b-47ad2ee0fdd5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fad3a8e4-ed27-5029-b3f7-e8793e7d6842", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82a1566a-83d6-52ab-b375-695be6dd7bd4", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96212539-72f8-5127-bb7f-ad4979ebd753", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57e42344-8891-5270-a239-137378274c57", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:710b6b27-b7f7-5037-992f-df272b79df44", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23786f29-d616-50d4-a257-b85f284b0dca", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.4" } ] }