{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c9692abd-2eb7-508f-9e10-24d10ff8176f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:046b738f-354a-5d73-8e80-07c1035c1b42", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5a04031-50ad-5c7e-836e-57315e44111e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5d796057-fada-5bcd-9f9e-7cc7e2e5180f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1c6e7627-93c6-5ac6-af65-0fcee4cae70d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:df1a8be6-f860-591c-a9a6-8c221d7c523c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9cec7711-635e-5240-8ed1-827bae0af8bc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:50c0a3b3-cce1-515c-9b33-8d392da13ef6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b31e95c4-3eab-576c-a7c4-9a82c82963d4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61ecf208-dbc8-5644-8d97-0716f68e8434", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:98fb87e1-3e84-50db-bf25-5c94d2822968", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f764b0c0-68f2-5e7a-9c65-2d52bb94b64c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ce18003-39f2-5d5d-bd32-e3b3ee43d399", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d4ae69d-ccc4-5248-8082-f6933ed5b4ef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b62dc9a5-0ac6-5895-b679-3f82283f6730", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b8a743ae-1a82-503a-8cef-0d5663e40e31", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:481fc964-851d-5524-8666-d9184f1d94e5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7922e567-8bbb-545b-81b7-6923f98b6b2f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:68f4e91e-9878-5ed3-bb8a-69bae39d716b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:343d04d2-70ba-5b49-9c66-37fb795271e9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5c2d9cf-2d52-5223-bd03-2bedfe6416bd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c334986-3d03-5f49-8ad8-bb0c64d4a59d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2f150512-0871-518e-920d-d22368161428", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:72b88dff-a634-5caf-ab52-4974512f9c09", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8d6eecc0-bf42-5be4-a748-01d22b36a992", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e6e4cf4f-1a65-59fe-a69d-6a7bc83b26eb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:849ad251-6062-561d-b928-67db71033d12", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8cc3ce83-d779-56ef-96a1-53f68c377f9b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c21c6e0e-c3d0-5568-8dd8-18341053d4b3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ab1c721c-40cf-5341-8dac-e46a8f720eca", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb767975-197d-5441-a1e1-505c63a092e8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:442285da-0aa5-536d-901b-0d9321d2e23f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:893654ae-11b5-5210-8881-c155829b8024", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.6" } ] }