{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:25dddef1-99bf-52da-b4ad-53a8841f7929", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-jose-jaxrs", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5d741ae-5657-5aeb-81cf-f5b3e45d810d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcb533b8-9a72-579f-82ef-a53c7a9c1292", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d020ba4f-9a92-59a7-b921-1a97a7490d4e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:156da00e-42d1-51a0-9b7f-259f8a91db5d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6938b87-bba5-5cbb-bac0-b96d66f170f4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:34d646b3-83e6-56fd-a7aa-f9c04cd78c54", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e025138-57e9-595f-8cf3-b29e3cc46920", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39fbeab6-1e7d-51af-8036-56972d8a4069", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c6dbc05-5006-5208-ba82-77a325dacfb4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e3c0c0a-a5ef-50de-9b58-f830b5b45ef4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9fdf74ad-e609-521b-ba7d-d9f9f0324912", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c72eb230-c138-55bb-a2b4-3e39d91fdd5a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60a5c224-199b-5d8b-b862-32136678f94d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e6d0368-6e6a-51c6-b8c4-3f232bd079c7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3194b0a9-330a-5037-8e01-48e5f2b36675", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29c543b1-50e8-584b-8712-a19cdf6542f6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fcf9430f-8ce8-5818-8b04-654ee17e6d5a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:580eb01a-6702-5108-b747-0434c7479fe5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9089de1d-7cc4-5d1b-9f51-80315cd2de3c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ebeae24e-d2a8-5873-9ca9-6db0863ea933", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:886c94ca-b464-5d29-aa0c-ccc8b1e90598", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3960f70a-a374-5b34-a89a-cebd07aab006", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a86ec946-8131-5f86-8c0c-3ca9d0ec93e4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:913b60bd-432f-5bef-9b9e-9d35159d8c9a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1704810-dde0-59ce-8464-8446c4eda807", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5dcb1d0c-6b1d-56cc-b40d-b24c1ab3c17e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8508038-5f85-5ef2-b33f-4e0c33e3535c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59d0222e-70a3-5e1e-9619-1c8d1f6e84c7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb9825cb-5e38-59a4-a3e4-f398fe182079", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80464742-362f-5d39-ade6-cd3ca818b970", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-jose-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9df4629-f5fd-585a-9e02-4455a5a58604", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b17f9bf-b872-5abb-8778-a08d9f9dcf00", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40fc6c33-60dc-5214-8bcf-38351f45b335", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26c948e6-e2ed-5103-b9dc-267434e6415c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-jose-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-jose-jaxrs@3.5.9-tuxcare.5" } ] }