{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8afd9012-c14e-5a07-8c82-ac6799334aec", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:83209486-cf5a-5c32-9aee-0da6c8114176", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:98a068a8-d5f7-5650-a9a0-5c22cc8eb389", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:96035aab-6bc7-580e-b60d-b2e5ee1b6963", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:80f5e0ec-b288-5ba0-8fca-92cc38782277", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0c9b3c0e-7539-546f-b754-c5dcd39322a2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5c32648c-d3c1-5017-85be-2bb8db44d8fb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6c57db0c-2ae9-569b-a7c8-31e7eff66e5f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d9fbb61d-ba38-55bf-8643-4c1db2031570", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0222ad83-2f5c-5afb-a6ec-c45142f90838", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2718208d-c49b-520d-ba42-748d65ee5ef5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:249ecf55-c701-5464-a37d-3e204c1f339d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:127d0234-8c31-544e-87b9-c8f6b948b11e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6d76c917-1338-5d81-9bd2-abfa19a02e72", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b4d7a743-d3b7-5439-9cf4-2e31c552c674", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b9811da6-0372-5db7-83f2-ddefd0a2ee62", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:416fd3ef-5c14-590e-b91f-cdff727ece6c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:78d83bcf-55e8-52f3-b08b-b7d63ce9f973", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3af49df5-5d08-5b7f-80b0-49a2931be3a8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fca78691-0e32-5e23-ac0e-a74a74a53a75", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a08a4e70-3206-564b-a2db-fa6bb2891e37", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70206006-eb2c-5222-8880-94474ffd6e61", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:171582a1-f34e-5ecf-98d1-3ae911e4ef68", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:81afc6d1-1201-5e68-933e-a27d206bd800", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3ce5c167-934e-5c0a-95bf-0b4d568ed78d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5a9fd339-72bb-5dc7-baae-45345414f535", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9327481d-7552-53ea-ba27-962f03bf6220", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:85e62f9f-de8c-5bca-ba29-02099c51e3cb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1a1da350-936d-5c1d-95db-fd25a07121d1", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:69ad954e-2a99-5f1c-b855-42d2fab709d5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5075da6a-1a62-5d49-b941-e725c9e82d6c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c2edb579-0036-53d9-989f-1fda1429a2c0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3a68815-1b5f-52a0-bfdc-1fcbdd45c4ee", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.11-tuxcare.7" } ] }