{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eb278d11-47b8-5953-a216-a7f4c480b887", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50f25853-5749-5ce0-826a-82621f479991", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c19b70e9-6a4b-532b-8442-c25aeaae2138", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1547fe5b-3395-56b8-a27c-5f55e7d231be", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c0631a2-a9be-5e47-af9a-0425348090b4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47268a38-4444-5835-9279-09359cf8905d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bb4d3bf1-79e1-5853-8218-f13f5ebb5e05", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34efb9e7-d243-5e2d-9ef7-a6740013e073", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5f04461e-333b-55a1-a6b9-d9211c41efeb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5af8a75c-c6df-5776-8148-0b5556176f7e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1f9b4f2d-9dd6-594a-a9a2-ff2dce06d512", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d35a766e-41f4-5215-8b85-80380d0022f1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:53ee2692-51cb-558c-9c5a-1b96792eb2e4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d4762fbc-c47f-5041-b799-a57b816916a4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b46c1904-8f0d-51ba-9a47-b461aa6c7f62", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2668e45c-e25f-5c51-9839-99bdafe87db6", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:691b4be8-f3f6-5891-8d78-b147f88c05f4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a698325b-bbdf-5a8b-a13d-eef94c2b8851", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b2d17e81-6df8-5b4b-8b70-d867960e0ed3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aad812d6-9a87-5b5b-b7ef-85cdc3afbf33", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:91798699-b3ed-51ec-9d43-a4ac2f71ea72", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c210c9ae-d5df-5e40-8d4d-0d75be423f5a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1de2bddc-f157-5167-831e-6550ef264b5b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:251d278f-543f-5be1-8820-17defdd249c2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:67cab730-77ac-53f6-97cf-6b8f3afee0b7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3edca52-3a76-5e0c-a0ce-98a7a7725272", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:652bf6df-e7cd-5015-b1a0-218f7e0d7fa8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:032d940e-2a2a-5592-b940-19c5f755cb61", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5f5243a4-3a6b-57ce-9e0c-00a0d97d0a53", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:abd4682a-250c-53f0-b2b9-64210eadb499", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6952b453-cbdf-5687-9d73-c61b9c79c6a5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5a1ea2a3-ea85-5001-aea3-f774e771adf2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9819da26-fc92-5934-8287-55eb0ead02d5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-jose." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose@3.5.11-tuxcare.7" } ] }