{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e60263db-9512-57a5-8f4e-a436df630665", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-http-signature", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:360b19c3-3530-51f0-880a-670d7383f282", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a53a0d1e-5576-57af-b004-7cdb9ef11b44", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d210a6fc-8056-5bd2-902a-30241cbb32e8", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48f17021-cb47-517c-877a-84b91aaf3c5b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d9eb77ee-0214-597a-8c03-c9d59e65b1d0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:573e989c-9cc7-5f22-9050-6cad1982440a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:266f2334-1eee-54a1-bb93-878787cd2fbf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8533897f-8efc-5bbb-9e8c-387bfb46629e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:88c8ab6e-2dd9-512e-9574-877bf6ce4348", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e96b6ee4-dc9f-56a4-a56f-072a60d2d20c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0f19f1c7-dffd-50f1-a1f8-7dd3060bd4b0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1c9022d3-0dd1-5609-bdb1-5d40f4e8a5cb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1aabbb32-5d6d-5715-9152-7b6d2c1d6bf3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:65d246c0-573e-58ed-abe7-bdd958c4eca6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48eb1df8-fb03-5459-bfcd-56c7ae35bb65", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ae127d93-bb49-5dcc-9f0e-b2e438d3850c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b8fec6db-6a34-581b-8d40-0e86a3cd8106", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:db4dd817-626d-5279-a7b1-edffcbf19955", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6a83c41-2fbf-57fa-a984-87d9db23d150", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fbe36943-ffe5-51ee-b4fa-79149279e932", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e630f05f-6b34-56ac-9d85-af92220aeebb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e53dec48-cd17-56d5-b5d9-92ae3fbebf16", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3e34c56d-e5e0-5556-b071-81201b7c44cd", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47c60037-0802-53af-931f-0c414e6ff0de", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a6cbe21e-f0db-567e-aa4a-37cacd28c9e0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e35c96d1-0aa6-52b3-a0ae-af004c062101", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-http-signature 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:128a058a-bc3a-5d91-8af7-3b2b1d700dd1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dc54b1a5-0d05-5ae2-b481-05aa6b76cf94", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-http-signature 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5664f9a8-c092-5039-84d4-a971356c469e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:29309737-3a8d-5468-957c-972a8789f362", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-http-signature 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:400fb1c7-c9aa-5137-8d1d-53415f634981", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1ca149bd-daaa-53bd-9745-479ff46a5939", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-http-signature." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-http-signature@3.5.11-tuxcare.7" } ] }