{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de0c5940-6245-528f-b3e1-6b941b43d3c7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-service-description", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06f1fff1-c8e2-53f6-bda4-1f953fbdc8bf", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ce74f328-85bd-57e9-a240-31d10cd90445", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7c4bdf61-41e1-520e-a65d-0c5695282d40", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:483d4e52-1f2d-5207-b1f0-c29446795141", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:573288d1-0db1-5793-860a-e324f56b78d6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9945a549-331f-5960-bd6c-e78279ecc7da", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0c742d30-0bbc-5dcb-b080-a678d07c8635", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f1fb4af-69fb-5af6-b59a-31586cfb661a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c3b3c1ba-6b97-5f64-aa56-f5e9fa2c161b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8fd82a64-0148-5fa4-b406-314357734ed8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b1a5155a-d3fd-5398-b984-38cc52c5377a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c4230e6b-88f1-5129-8856-c1868ab47810", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2616c8e2-b14c-55f4-bb35-c38537619258", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:39472b5f-bfa8-546a-9b8d-3272c755d44f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aea17085-41f0-5501-bcc7-50cf590e8151", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:99c1c78f-c446-5a41-9519-086c160f0d5e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f086ea1-9ba0-5294-8a6f-c2cd1fb3c975", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ae6224f-87c6-5dea-932e-2fe3c8ac2d2c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2da6087f-6f00-59b6-9dc0-936865844295", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3cfc82bb-013b-532f-8b01-5123782e5c0f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5ef5f066-7fc4-5b29-86b6-17a515112235", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ff0dc610-7764-58b5-86b3-6746ffdd82bc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:36e75f16-e9b0-589d-9975-cf9f3e53907a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:84925a7e-19db-5835-af20-782bdc535e1a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:599c87be-0c1c-5c84-a319-82332e30cda8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e6393a28-2ad5-53a9-b049-d2adb60e7066", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2ad6de1c-c8e3-51ec-9598-b413f3aa80a1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:963aac32-8303-5f11-a1cc-2f4f23a22bc9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:23546b42-1909-5d70-a62c-762527c0346c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:334acc5f-760f-5ae9-9a84-31125d56c7d4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-service-description 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8ade901b-a295-5a6b-a082-297126926395", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dbcc89db-e9f5-55fe-b535-246574ac4506", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-service-description." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-service-description@3.5.11-tuxcare.7" } ] }