{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a8587dd2-0a18-500d-9313-54e584556e6d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-swagger", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:284b2794-bc3c-52a7-a09c-3d9a14551e7b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0099c3c9-9cc2-5778-bfef-1c0f9afc1931", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:528c1d9d-ebe0-5150-adf6-708b73842831", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0e478d0-bb50-5925-b930-e2b5a8bcfd92", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1888d90-82c0-54c0-8742-041d4caf268a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb198e27-c689-5493-9e16-3280138c349c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abe675ec-d1f0-5c3c-b7b9-494b63eb1fb7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5338a3c8-6eb8-5bfa-bf56-758c2cf9cb6c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b23777a2-bf04-5dfe-84e3-4b6cb1de11e5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8c99bed-08b3-5b70-bfe2-b0c0ab9f5673", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e64f797f-b6b1-5ad7-8e7d-b64bdaa4028a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f479691e-547d-5deb-838b-b4a2e18bb0f4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5fb9e76-8ed2-5007-b83e-00eca922bb7d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e98a64ce-7f5e-54fd-96dd-34b0715e1886", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99285aff-1ea4-5bb2-8194-d2837752c02e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48d128fd-bdb1-5dd5-a805-59718b633114", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c542b1a-8735-5ade-be6a-035aa6e7ca92", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb494772-be7f-5469-95f8-1f6c78f63a23", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f66b371d-6a80-5e71-8bc9-59d598504777", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cb50745-04be-562e-b3f1-e6a0f20bb0d0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c707bc9-f768-5706-a2c3-51eac27add19", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:515ee1b9-5863-5523-a91e-8269e576721b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79f06e78-3684-5f1d-b2eb-dbcfbf4a21cb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ab8cb42-e8d9-5bb8-8b5d-dbcdf15307e3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2adf1cd7-5117-572a-8f48-8bad0742da53", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e27ea8-4aee-5df6-9576-8f5d09a535d2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:437b458c-6251-5283-bca2-4c374d2174ff", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d49c96b7-6d70-50c2-9270-34bd71dd6db9", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a862986-45fd-5fcb-8ed2-76cdd3da608d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a65404e2-b1a6-5c22-af24-e91ab1f687a6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-swagger 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:706c0ea4-a099-502b-b8e5-7befb3a8fb07", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:379265f9-09ae-5727-929b-caab59819a2c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1f7802f-1724-5f4d-a87d-1888efac4efd", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d05d3259-d9b5-5d9f-b455-99d96bfa9a60", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-service-description-swagger." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-swagger@3.5.9.tuxcare.1" } ] }