{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:776b3a4a-2570-53e7-8c1d-d4635431dd76", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a14a3a39-55e9-5193-acdf-ac9a045850e5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71d98553-0277-5fac-96ac-af5749e2f435", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3b2b86e-afb4-58ea-b40a-b131a2dc451b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55dd9ded-0c94-5dfe-abb8-795662cea07c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dee81256-aab7-537f-8415-cf20e6ff087e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6bf8819-7a9d-58d3-b61d-9fade70206cc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c8fae42-9035-5cba-b93b-9437233e1b68", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3ac4146-adc3-568f-86f0-5b806e6936f0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b58f97e1-d364-5175-a76b-d1f11ebdb189", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6610cf23-441b-5efc-bc86-576bf6cc3124", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2ea431a-d879-52c7-9120-2cc6f871e358", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8983ec7-67a8-521d-9d1d-ffd5ce4e405c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b9e00ee-6ff6-5239-9032-da2cc5ed82e2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd17b0c9-8aed-5a43-9a96-e26ea5ffbaef", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a85b2862-2a52-5c1f-b24b-c68e479c6cb4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54959dfd-7958-5c3d-9c10-796870f15646", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd47a32a-426e-5a36-a602-2bb6291deb0f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86928d8e-0ac1-5151-9a27-ae8f75dcd18c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8c213bc-457f-5ff3-9440-f70d96b188a1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:583208f1-be83-5dfd-b762-165a9a5b472e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa889650-f795-5c24-99e6-45476e28205c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d23c72b2-265b-5bc8-9f75-49f1e2d39eb2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67b454b1-d569-55c5-8869-a1a8cf555c77", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2fed0012-aa03-594e-9a4b-1a84846ad43b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a05dc05-8c3e-58a9-a748-1ff016c85e26", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62a61c33-e69c-5bf7-a07a-01ae81f79b8a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbf480b0-fd52-5eb4-899f-af212f4615ed", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:888f8b78-3302-5358-b805-e3e259ed9923", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f1390d7-cd76-5f33-87b8-eba661432a58", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8170165f-141b-590b-a15f-3e79d6ce7147", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:750270cf-5dd8-5c23-9c7d-6e3ce9aaf599", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e47737c3-94fb-57b1-9fbe-106c78f57719", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b669d07d-f88e-5d3a-9c6e-070c22d746ba", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d27613fe-35ed-5331-9ef1-2e26d962953a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.9-tuxcare.5" } ] }