{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:930504ab-077b-54ad-9335-c3ffeb82a620", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-swagger", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f44d9699-05e6-56d7-bdfe-880d9aea4030", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e5b6598-d9e6-50a7-beed-434ca8f126d7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:808c5bf7-1de3-5f2b-9fd0-b219b5e01747", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba121fdf-a2c4-5d90-8317-44abba441a3b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e1c6bfe-f4d5-59dc-93e1-a8e66f61e8e9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e08b0ea-fb54-5640-b442-c418a9caadac", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b737dad7-e5ee-54f3-9543-e9287e7905aa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12fcb682-efda-5838-a8fa-88de050f55a0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f25c8bdd-102c-51d6-b861-14a11a71540a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48570794-25f4-5a3b-a11a-39ffa5c17faa", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b27ff09-bbe8-5720-9d08-b1c83e8b44bd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b682dcb0-9bcc-56e7-a390-5f4417152b92", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d903f7fa-2381-54b6-91a9-d7937bb21782", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2390f63b-8646-5598-9110-79f110b756bc", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c48b1a5-1ba9-5f48-b53f-a9d9c7df53d1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbb51024-2c3d-5b33-b7a5-b8fc0f05f253", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71fec20b-f600-58e7-bf71-ab0ecee082ab", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0bb8993-0347-5468-8200-77fd1c6053f4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11d7811b-b771-5840-a358-667f3097fb07", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bd32afe-9634-5466-8fa0-6c414e52ed9d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5701bab0-6906-54d8-ab21-2152aa3a540a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9747404d-48a5-5f7c-ab76-a96d890d05c4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17b739bd-c680-58d9-a9fc-582d55b35824", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0331d883-ba69-58bf-a575-9d2cdcabc403", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32ac46f5-6346-565c-b80a-14e13e22ca8b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b43a575-970a-50dc-8c81-4ec4858e1621", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b530e19-afae-583f-a138-a58657ff27f2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b185ceac-79aa-57a3-ba14-724f46450e57", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16912e3b-2988-5b54-8e9e-4f036d12a0ce", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3449935e-ad60-549b-8ab3-a39f2f16f6cf", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8b03617-8c1f-59b7-a502-2b3b0d1ffade", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db7758f1-acfc-5f44-90bd-ef6bac7d9489", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cea04618-d04e-5b27-aeb8-1a1316ca4139", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51f2b85d-6587-5a79-aaa5-62c8391a8a9d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.2" } ] }