{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:74911647-db89-54b6-b022-761651dafc47", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-cors", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4510867e-90a8-5f0f-a9ee-ee12e4295861", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb640df1-b88c-571c-9f49-80fb8259f518", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:771dd23d-4b56-5abf-9d71-38784cbd7267", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd8829bf-ff57-56ef-9ec7-4d3ad1b1dad8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c26627c9-8374-5f4c-9943-0a6227ba2dde", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:15ac7635-8c96-58a5-bf34-a8823a1e111e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:504cbd0e-707f-5bad-b736-4e75369f8123", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b83454b-ffe5-5f33-afa4-57dab8b4e990", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:920f4a26-4704-512a-90b2-ccab7630e1ea", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4020f92-4a44-5fb8-b343-30c208d1da99", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:006ebc67-9e31-5d00-8588-d9b1cf5b2484", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e322fe4-3016-55a0-a9d8-4de42a498723", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be177775-69dd-5c42-86e7-3737dc1190f1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:edb9df53-2792-5d68-a51b-9d9a86678019", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:061c3c41-3a18-5ea4-ab43-6e47ea2029a2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0d5eff3-c795-5a61-8ea9-b7c7ed690165", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d196a39c-f22e-5e9f-bcf7-c74a7db91234", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7e67647c-9dd3-539e-b16c-103d8e1b8c5e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e56b6015-2bf6-5662-8f3d-251519069a06", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c4a93f8-7abd-5f23-bf03-7a938145cf07", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7d61108-0f51-59af-98a2-8c925e1676a3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c989439-c3ea-58c4-8d05-390f5ec591d5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bf72662-8a71-5354-b3f4-ac3bc7cd6c24", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3bcc9b63-7b11-56de-b215-2c199aad45b5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:762396cf-4e6a-56d5-83fb-7860ccbeeb78", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77f937d0-d03b-5953-a13f-1a8c0950bfcb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf746bad-4215-5e67-8594-0ff291d26ad7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b5f58b02-61bd-5d6d-abfc-d224c1eea835", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b889a3a4-1382-5b77-97ea-0884eb605574", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:994313b7-2f8c-5a41-a1c4-eae816d7242c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-cors 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c772a99-fdb2-5cbb-be57-7bacce2cb0c5", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:943c6102-29f2-5600-a64b-513fbb11a2ef", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:684e3e2a-be7a-58aa-bb12-f493accdab19", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:124e747d-584f-5556-9cbe-9b4cce40d2d3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-cors." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-cors@3.5.9-tuxcare.5" } ] }