{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:26b5212c-d5c7-550b-b377-572d9cc3e3a6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-starter-jaxrs", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ea3aa0fe-d61d-57b9-abb9-d8af480645d9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c09e071e-4899-5d37-9d4e-d15adcc49653", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa9660d2-7ad7-5c86-b7a9-6ab71c7c3c09", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1bd8f4c9-ab3a-57e3-ab6a-60fa1b59472a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3cf98d8d-d337-59f6-ba87-86f1c25e6ff0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e36dc47-7f60-5dbf-afe8-fc077489db37", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44d26587-201d-5b8c-9710-4304e21b1f77", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adeb9f0b-1fb1-5c0d-bd86-0ebdf1838611", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73da28fe-3a10-5c69-b963-9ce22c4111b9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:644b5eb1-e1f5-5b12-a069-46a067d45fb0", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3aa8503-4a45-5f4d-a4ca-82b1cad2ed0a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43d4e86e-f968-5ebf-a2ee-b9b758f9a5f4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e1a2b6a-1a95-53eb-91a9-166ae6e7b6f3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:044830bb-7853-54d0-86d5-9f2708d3f773", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b38becbd-0864-5ede-9ba3-0e0053ed8214", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48286e1c-9c55-517d-a3fe-68b31a7b3c22", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:394bd38b-73a4-5abd-b12a-b8349c34c2f6", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dda27e2c-c246-5850-98aa-73b0e6bf4699", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f358c84f-ddaf-5a2c-8ec8-14d82cda30fa", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:488b4260-c332-5eda-a418-537644513a2e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef06a277-a1ae-52a6-8990-989ce68d86d1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cfcab04-bcc0-5860-9a0a-665d4ba968b0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d1c6df7-40bd-592d-aae7-a60361cdcb35", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e89abd4b-f6cb-5ff2-97b8-ec047a033c64", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93526b77-fe6e-5096-ac1c-ff681137e813", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8ea0bdb-c13e-5310-ae02-6e747c440da3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxrs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd012013-0968-5bb2-809b-3a8737fa2c5b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46bd738b-ac99-59fa-b183-2ab8b62dff2b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxrs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16cf16d2-b34b-54da-ac1b-64f2cb275d7c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da41da54-4f78-58b3-b491-8b1c8618c8a5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-starter-jaxrs 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68fe7693-a93d-5405-840d-7d83d2aa456f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3233e39-c878-5460-915a-6f4c42afad8a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-starter-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-starter-jaxrs@3.5.11-tuxcare.5" } ] }