{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1d4cdfd9-5abe-5d74-880b-a43c363bdbdd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:32c3e8a0-6d33-5c25-be61-d474ae03c7d3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31c0a657-1753-55ad-95a0-f82fe54d6232", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f98efbc-1774-558b-a4e6-7b26a4383bc4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f5f4717-24b8-5faa-9e33-66cbab1c0162", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ae3eeb3-4e47-5f0b-9ec9-593695f53a47", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68551dd6-986c-5be3-bb84-e870a4c69bff", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e05ad29f-178d-5395-ba95-e34b9b8b2f5b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26f71fd8-dbe1-54dc-bffd-4cfbe2e126da", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9e481bf-d8b1-5ec4-95e7-0b8dbba1f952", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:206d77c7-e5fc-5409-ad42-90351c29b4ec", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:409cb203-b3e1-5b84-8bdc-4a266d93cfa6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b7bbe45-e8ae-5226-b255-27ffe4c93b01", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:38d7e513-bfc4-539b-947f-a21d01d2c773", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0dc35a11-93de-55f7-aa3e-0c0dde695b21", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:171fa4aa-445d-5e09-9a80-9bad0d50e8f3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bcea3a0b-181b-54aa-a685-9e9d876f0ea8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6554e5bd-2a11-53c9-9ceb-ca77f708964d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6309ae89-3589-57b8-8a6b-45eb192fa50c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b902bfdf-b162-561b-9473-efb638bebd97", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71dfdae5-6247-5e48-aef0-5bd0ac350d9b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1ff07ec-7d17-526c-bdd1-e28abdc09a6b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32da0382-b25d-5f85-9c96-6e7911d9ae4c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:518f3f62-e7ac-5f4f-a230-2cbca2492566", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b89c630-dee3-5f5b-b129-dae2b6993165", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06faaef8-d434-56c8-9663-9d2f6b76d186", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50e5d326-c938-5719-8d20-4258884df5bc", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07d33156-b007-5ac1-b98d-a1137639fdc9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30d54c11-f3fa-5562-b781-5dc975c483da", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1a8d7f8-0b38-56a9-b207-69954567d7ff", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:153cd528-3545-5d62-b383-f9e0b5d01361", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a4dee639-a045-5224-8132-5e29572527cb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a411920-1295-53a7-9174-75e276575197", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.5" } ] }