{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:66d11674-7faa-5cd3-af9b-f1aeb7a14de4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-microprofile-openapi", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c5090ee7-ef6e-5b1f-81e8-b4fbb2c2d8ea", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a2e3cd2f-b107-5e96-b2c7-4bff091091ce", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c0e9d2b-ac77-58e3-9b1a-49904210c307", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f10c8c35-9328-51c1-b60c-584340ce217c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:128f35db-11ae-549d-8d03-3cf777a3fbcb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bd86ab2f-83f5-515f-93ad-3788b3197ab8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d138b94-6d49-5c9f-a1f1-cc8dfe5c5a20", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1617ddf0-2a5c-5505-9134-d017cc71b73a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e7412ac8-3cf7-55b1-8af3-df7ea45f9fa0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ff52c853-44ef-58d8-aecc-498ff8e760ed", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6d57f5cc-75a1-535d-83ca-c48dba6e46d3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d80f404f-24ef-57de-9084-4313e3df55d8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:872dfc2b-2394-5dd3-ad09-45641bc4be80", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:28489a92-5579-511f-b6d4-3dc63b516d1e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a2a45090-5b05-547a-8396-50b3410b7f88", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:382c010e-ab9a-5b14-8d40-1934549e3bef", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a6f7245e-1def-57b9-99f3-9025dc735028", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7449bd7d-6779-527f-a316-9a277090736b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:427734d1-4c60-577b-a6fe-416c876f15e5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:535a9d21-c8a5-59ff-ad6e-9eea2d3b6ce8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b17d64f-c120-5c32-b52c-f61a5f9e4681", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4b470b77-37e2-5077-a624-a47a48b081ef", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ef17c08-57e3-5b44-b800-9c6ded1115c5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3ff1eae6-e859-5c3d-be2a-84c9121dd06c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:758b7160-dbbe-5fa7-b08d-42dab806bd15", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:80ce8ed8-a109-5218-988d-3f6b4651fdbe", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b5140b36-7649-59b3-ad74-77aa96adb9d2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c2be0b68-a3ca-55a5-9646-5dd75457223d", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dd3ae3ce-82fb-5472-94e1-0121a4026509", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b4cc96f6-cffc-55c1-96df-cc152e837d1c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:53e86b2a-bf11-5cda-a288-594b8f321e7a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5de8e0bd-bc4b-553e-a056-bf1d369f1ea5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-microprofile-openapi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-microprofile-openapi@3.5.11-tuxcare.7" } ] }