{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b19119c1-a7fd-57ab-a2ef-7e5d0fa7333d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cb58cbb2-3a6d-5315-a50e-1354de73da2c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:39da1a4d-c2f2-5634-bf70-c878c9f40d12", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23e7c054-30bc-5dc6-baba-78996f1d94d0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:28f492c3-e435-5932-95a1-662ada7a828c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b3388a5b-b66c-5e4f-a52a-c70dc249de43", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f498ef79-aafb-555b-b9c5-643a358a3c03", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6d6ae0fa-6179-5843-a2c7-f36d71cd3fe5", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:facef3cb-9e25-57cb-8b8b-6ec832345f29", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aa6627ad-bff0-56a9-b792-cd2213377354", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:599b280f-aec7-5441-b131-f924cfec87f8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c41e514-5a4b-5d5a-b82b-67b1ed1bbe3b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:236986c8-332d-5e32-b6af-e9a116504529", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4dc232bb-dce8-53a6-bc4d-51fd6f824b74", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2f429972-3e73-56b0-8e22-04e5d558c449", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f308bd5-9e9e-5f4c-a02a-023d0754e11c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d9d958d2-ccd7-580d-9e50-b738c6825101", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:875cab8b-7152-5b58-8bf3-383c75fd76d7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:057efed9-a5e5-53e8-9488-2e4f8bb30e3f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19235d92-a3e1-55c8-b361-5167d6cc4e99", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3527c6ec-fbfd-57e4-8823-fc6cde379bd3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:14fcdeed-cefa-5a1a-b7a5-e91af3f8d38c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:698406d4-326b-515f-adc4-658fd8de60f8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9c207dc2-1a23-5a6c-a6dc-717afbc8b653", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e5b1fe1f-58b4-579b-a897-ecb6903bba12", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6da84042-8b36-542d-ac88-2069684ba4ed", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:49931a54-dc93-5d4c-8a4c-c4b14a41f895", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4c642f34-2303-5600-a285-d7525644f8cd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:36314ad0-d912-518c-90b2-a22187c4e89c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:776f0ff3-077f-5189-9436-3ef7a759a067", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d3362cb9-fe9b-5a2f-bfdd-edc131775565", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f8cce901-a15e-518d-8688-75ed49e2de5d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:399abb58-b3d3-59ff-8dc2-c80d568bd33b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.6" } ] }