{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f209dbda-4428-5364-99d5-0d2e2fc779e5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-swagger", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:248c2913-b268-58b7-83fb-cb659e3bb47f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a509571-6907-5875-82d6-1b1b88a2182b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79b3dcf2-1505-5375-8549-0242e8bc6005", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31b849f9-57d4-5a63-9ea5-304d80e8165a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:826f3120-10eb-57bc-ad1b-cff621573a27", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18778344-ed3c-50ed-915e-d6106930042b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac4c4721-963a-5939-a9eb-6b143d1706b3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:336fa3ff-f62d-5b4a-9f15-bf7b7fcfc982", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c079e96-bb04-584d-b4ca-edb83a2ca9b6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:993d3d5a-6d73-5697-b8a3-0e61d53aa83b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3cb70c0-0f70-5439-b75e-a93031910325", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9febd254-9a6d-5895-9fdc-c0b98aee4b6d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a3b4bfc-ffc2-50a1-8a10-9ef03b29d67c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fa026bc-58c5-50b5-b46b-a04c775a43e0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cf5cd07-0524-5d4c-8381-f6d84ee59c89", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:906c740e-8315-5440-a479-812d8611ed58", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7af41078-257c-52f1-8f08-1b74ff6442ca", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9092f090-f07c-53c1-b97a-ac4b475a7ed3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fad8c99d-03bc-57ab-b79b-267a0792120a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f840c20-ed82-50df-a922-996dda8db553", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4179489-bcb1-5bf9-bbf4-8f4d52c99421", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b53ee995-aab6-5ef0-bcca-43b399b62184", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d1973b2-2509-5340-9edf-34bd815fdb9e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce2f7831-65e4-54fd-b090-9c8f84799d28", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f627985-d479-5192-9074-79bef8698b7c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cc74c2f-67ea-5488-8564-d87013ace0e7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85742e92-d94b-5dbb-b030-d458027998ff", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4db3aec-0e7d-5231-8b7d-92c543b1a584", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c009de0-fe72-59ac-bde3-b56ccef6c25e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e20e6824-1ba3-54ff-940a-5df444406498", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5654998c-76bf-5119-b899-fb565c63faf9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1553102c-f869-5685-ad57-7e73283f51e8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7da2653f-ec9f-5986-9293-a6586ef5949f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b5fb9ba-5d32-5a83-aabb-c8253bc3528c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9-tuxcare.3" } ] }