{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d3bd9bc9-399c-5d5a-b57f-63441c3d025d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description-openapi-v3", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:28fc0ad6-2539-5ace-9d09-ad9d41691712", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c9d43190-f863-51c2-bbf4-4c3e0b98d96a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d6b46047-02b5-5f1d-a67a-b86ca53133fb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a4a4230a-47c7-52bc-a5f3-6964a45b5bbc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d0bf8719-ed36-5703-9473-dab5df2ca6e0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:277b7824-d942-50aa-a9ee-b0eb0e56a0f9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1179e16b-e87f-5e1f-a74f-18eabd9abc32", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:202ecaae-43d2-5bbe-80f1-99294cd6f736", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc6c715a-cff2-5926-8cdb-c7166f754078", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:52396ebf-9043-5bcd-bf7d-8f81d6b384b4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:54ef0110-3b41-542a-8c8a-615041386936", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:628b81f3-5c80-5c1d-bade-c861fce8c460", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cf0db27c-61f4-5176-a1fa-3efd9b5445eb", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1275bbd2-ca91-5e35-a096-dfcfbbfebec3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d1c41ce4-7c87-55d3-ad08-1d72a778cb07", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c505d43-a0ee-5e74-a82a-86e4c9c4460e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c122b739-4b63-5d57-b196-76fc841a1b38", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b5761b84-a8a2-5398-a528-3a0c3af6815f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09336b1b-887f-5a45-8795-bde2bdd0339e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:db14e93e-6f93-52cc-a19c-3651635af8a9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3fcd2f11-0c9f-5bd6-8f74-4f6a77e54136", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7427dde4-ced5-5b9c-a533-787a716646a0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5d0cad47-1781-5efe-938e-d8fd5832e53f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6dc08367-225e-5eb4-9798-50e507850e5e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5fe976d5-cc54-5c9d-a727-00f1520e3db4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b4097c6f-c3f1-54bb-81fe-abc21d180304", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f35eacf7-d459-59ab-9bb7-d5267e4c6a2b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:611f6037-0722-53a5-8fc2-22cff71ab1ce", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6b7c3636-6eaf-5a13-ac78-0f4c7858aa85", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0686abef-a9f3-5284-9933-a3b3d2a819ee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description-openapi-v3 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:374780dc-2dbe-5e33-9ef8-7d1c594bebfe", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:44d7570d-038c-5208-88ee-f1560b3a305d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description-openapi-v3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description-openapi-v3@3.5.11-tuxcare.7" } ] }