{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4fbcadb6-f952-57e2-a8f4-289e534b0c9f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2swagger-plugin", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2bb4e902-fc3c-5646-89a2-cb8bea5f1daf", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:451e35fd-3a37-5e6a-b05c-d1f5c11f207f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9d6e101-a3a7-51c3-958e-b0a1a2708c1f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8cde4dc-f2e8-578d-8e62-f038bb03a6b2", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3084e71d-f5cd-5eff-af9d-ca8ffc691e46", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eee4e83a-3c6a-5ac2-8166-33911799e282", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a7448c0-b00f-57d1-9041-744928b43e76", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0570040-b08d-521e-bec8-549f5a88c7c7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf3bb3b8-7298-512a-bb20-ec83abdf635b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4f71161-2b1e-5f32-bbfe-be4aa06f52ad", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aedc8a2f-d7d3-5126-a5e7-22ce2e3e11a6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84c3186d-71be-5167-a3da-96d4fb2b8b47", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0292861d-15b4-522f-82f4-6fee6c69be69", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5217f70-095c-518e-b9dc-2d983aacd19c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62e35116-6aa3-57eb-b317-45ec814f618d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e532c8d9-db6f-5ca1-88f8-fbad5980bf17", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0e43979-cbe9-5d38-9829-fe3c88c98e01", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1368976-9284-5f82-ad38-f242c2c1e99b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e3b6da8-ed44-54bd-a882-2a4a1a1f1f90", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:857130b6-6fa3-5562-9918-98b8c792f2a9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2684fcb7-c81a-5f3e-a976-a663b1cc59bb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d2e094cc-dfd9-5b88-98e7-93d7d5438d05", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40513520-37e9-5c9b-bdec-3bd5f29a6410", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aba9fca1-80c9-58c0-b2a4-1c8484972754", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73ea4f3f-718c-5904-a1f4-41c777d02b52", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc2cfcdf-d16c-5726-9034-5b2400b6e6b1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b4afe81-f30a-5c6c-8341-cbc79f617931", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d08477d-8b0b-5bec-80b4-d238761fa618", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ada31c9-b3c3-5aec-a4b2-eb8dcbe2adcc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6434cd37-66ba-5e25-829d-d722d7cb05df", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2swagger-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:199c2c0b-8f28-5f04-8af3-1a2a9544ff57", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef5d856c-79c2-5264-bef6-db471ba16512", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9dd6b3d8-8b05-5dab-b58e-54bef2a12e5d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ea15148-03a0-58d2-9da1-b7d0d0b619f5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-java2swagger-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2swagger-plugin@3.5.9-tuxcare.5" } ] }