{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62265c39-079f-5726-8b73-0cc0f8efd226", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-client", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7cc6eb7-6cf3-5c94-97c0-83a060194914", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2407dc65-c18a-51d3-8a37-571dc604ac13", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7d53ca8-60e5-50e8-b458-0b32600462f2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82ad9872-31e2-5461-8db3-18cca347b20f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24d2124e-137a-5947-a5b7-3857b95f69ff", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bf73c59-4304-5e8d-97b0-42ee3068aaa7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:272ded67-8b0f-560f-8646-c074271707a9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a77d3b8d-231b-5e9f-a98b-d0de5c495254", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bec28ff5-75d7-5729-a9f3-f6e060fc4bc7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:567448e1-dd19-513e-afae-2bb4f296d0c0", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c506e16d-eae8-5e4c-823b-275377b48f70", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f33ee308-86ef-565f-9568-dd51ea2cede7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:472dc8e4-9f89-5e0f-9d73-947ecd432407", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40d04eec-6db0-57eb-9ee5-406079ed4843", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b1cf2f0-c332-53fa-a89f-739d6764e622", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bded73e-ee57-571b-a8c8-541a6a9be7d9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b907ed65-6959-5823-b00f-051d93d4b9d8", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71f17368-4ef0-5ab8-8a89-11f6abf8fb59", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3fc63fe-ba0e-5f4d-9292-bf12cc8c4919", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4afb40dc-8784-58b5-ac72-2793de97d1f1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4223bf92-1f44-5b7a-9f1b-d400def6b433", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:092e2bfc-8f29-5b72-bb4d-65525247f9b8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9edf7ee2-5978-55a0-9642-d14e25f43b8f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a135dd96-4dd9-562e-bfb6-4432ab3f9042", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed65f1ec-affc-5f17-aeed-5e23142ef8e6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:235a8485-5ef5-5d5a-a32a-bd9c1ef960f1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:947b53ab-6509-5561-877e-671bfd258ca8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d73c7ba-c59a-57a3-945d-0bcd3c36deed", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50f83283-d8c2-5597-908b-4b4515497812", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f87ff1f5-c1dc-5f2d-875a-5d7471ae5479", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aaef3949-2134-574c-8cb9-c3f63434dffb", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba94a3c8-381a-5715-83aa-01402f621421", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:820c2f53-2d1c-577b-a786-fd3c08e99d5b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:027b440f-17f0-53ed-af93-a3eb23c91310", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-client@3.5.9-tuxcare.3" } ] }