{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cd7f04a1-e25a-5bcb-9c3d-afe54cf0a1f1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-swagger-ui", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:65b0d114-925e-52e9-a315-997bd014e0c4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4611cb56-2c13-54b1-8c34-6f4550a4c8f2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e65a354-e211-574c-b6f7-93919cde1527", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:441a620d-766b-5b17-ac26-740a8beed20e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b153980-62bb-50c1-9457-e28f453b4088", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ec9e4ac-5f77-51b7-8a5b-ab3213efdef2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77a11f59-6d39-5778-a496-185a11cf155d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c29ca125-8052-57a7-aa62-0105b22cd2a1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63c55bf5-18d8-5630-a870-5ffc3351abef", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd526ea6-629f-59ec-810b-c64cb1099579", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab76fea0-213b-5ae1-bfb6-9bcf1a0d4bbf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9311feb4-95c1-5d35-a2a4-a526f3fce309", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c75c2f0-defe-594f-87d4-96a9fee67cea", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d6351f7-c5a2-5c07-bb76-547f4547b035", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62a2745b-3789-56e8-911e-44643722390a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4105a8c9-f16b-5d5a-ae8a-edde47b50a2d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cfbea12-26d9-56f4-951b-9b373def87d8", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger-ui 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c8ae183-a3c2-59eb-a23e-3b3f989e860d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee6a7af6-d164-58cd-923b-b97d9a1e7058", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32a856f0-749e-512b-8897-a17d2a3477cd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96446d97-253b-51f5-8108-ba04f8d47279", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db38e0f4-d573-538d-81fb-6422294a30c6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dab61c73-4209-56a9-b87e-38ec279d05c7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f34c0cd-a3da-5d81-9f69-23f9f5e0e332", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc00db62-a0fa-5e2c-9e69-743654f260fd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d933f0-99e2-50f7-b7b2-30436fe120c6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger-ui 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb13868e-bae2-573b-93e7-754e5dd69baf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e648928-a042-5fa5-8a56-580e9d44d4e0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b04eb34a-3cf0-5e9a-9577-c559275e2649", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43529ce5-4ed8-5872-8f13-34560d8f050d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger-ui 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25af2491-ddda-574d-8e8d-ca676916c40d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64325b32-e349-5381-9118-3cb1f8e7d3f0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:690358c6-960a-5a0f-8ede-d501e70c55a4", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ff4d723-2fd8-5e9d-aeb0-9f2281b7cafa", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger-ui." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger-ui@3.5.9.tuxcare.1" } ] }