{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dabe2aeb-2a98-5165-9e8b-cbd9281fd3e4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-jaxrs", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f749762-846b-565c-bcd7-75e61c881392", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b97994e8-0de8-5a95-9cc7-b65e03e62efc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bba4ba6f-4492-561b-9afd-4d034b067a68", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a13d27ff-1432-5eef-b3f5-abd87e2a3473", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4880a929-cddb-5615-9704-f907f728cda0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61e4bd5e-3818-51ce-8670-429337fba9b9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f61ff789-a93c-5e63-a7d6-26fba7f9d652", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a46628c-f1b2-56a9-ae4e-7bf886f9d377", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:630c573d-3901-523d-973d-316fa178a514", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad37655d-f702-5d02-b158-55468756a6c5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f738f51b-0dbd-5cd4-a700-b8441dc660c1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5fdfd90d-e9c3-57be-89a2-2e32dbdd4bb0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c06415d-69e1-530e-b9a3-d120b28405d6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b3b2b28-deee-501a-bc3a-1be1d354e76a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02c9ed24-67e4-59f4-8f7f-378ad2b8ad2b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7834b67-fa76-5952-aad5-c1e78d437646", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbb68467-25a8-5d17-96e1-b653f63c12fc", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d3589c8-5771-5e31-8605-b018eb3cae11", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6111d8d9-9010-5de7-bb60-ed28aa17838e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2180c76e-0a5c-5180-8c02-1e70b60f45a4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b38cba00-8da3-5864-befc-0d1731313b57", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96f7932a-a359-5b59-858f-c6d3b1c15760", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c9e62b9-5a7b-542f-8aaf-cebd3dd0431c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:749177b1-2fc8-562d-af73-8019a9c1315c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1841731c-8937-5caa-8d31-e7b311d3c3d4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f751053b-5a7e-579b-8a6a-051e5620660a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5e1680c-4fd4-504a-9352-ad345b9d8f32", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0ef4efb-1cb5-5cd4-a656-aa2c4e5e3c6c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c52aa015-ba8f-5d5c-8ec5-c0d8459e6d80", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0cbb9de5-cdd8-580d-9eb4-ecac9f5082c0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-jaxrs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51774a9b-8851-5674-be0c-8c8a834c2f40", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46db2b62-bae2-5619-a2f8-1848061ae543", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb757522-aee0-5361-8dfd-b807c3a8b616", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d18f27d-43f3-5465-8e82-7cc80a3c13b9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.systests:cxf-systests-microprofile-jaxrs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-jaxrs@3.5.9-tuxcare.5" } ] }