{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2b6a2269-8098-56f2-b810-6f4e16ada4a1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-providers", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7943eb59-9f86-5d18-a987-c866ae1b17be", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfee5bbd-54f6-5dcd-93b6-3cae0e4aaff1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1e3a7fc-b09a-55c1-ae0e-08959a2686f9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e0b53a8-0da9-57fc-8a1f-09d36c7a7a5e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5ce9a06-cb9d-5d04-b9df-d2a44d154f83", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9087007-8aec-52b6-9ae0-82237fcc7e49", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79dc75eb-18d6-501b-9aab-bc85e98aa5ae", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7c8f123-1e66-5f27-83ad-dab8d6147071", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc19c48e-e0ea-5898-aefe-9010f6fc1b22", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b00155b5-7dd9-528d-a58d-9835425b27bf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5777fd51-8755-5d41-a32c-29072a005050", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5f4ddd0-1707-5e7c-8ef8-262210107052", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75352c23-5be0-59c6-b17e-7d10a5a3f750", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fb01a7d-2d1b-593f-9f2b-75318193285e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af5acc56-6f7e-53b4-8c99-7b40faa3a289", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07f4e65d-47f3-57e3-b85a-b46d9315e831", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:883af977-b84d-5f76-9d61-34b6e4da01be", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-providers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7aeba10b-8607-546f-b706-66a182470bb2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e414619-0fcf-5016-a859-191f1a678eb2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adafac69-7c27-50a7-b547-ac9987c1140f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:daf08d9d-05f3-59a2-979c-7fa8450cc6df", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d1040d0-e34d-5d9c-9a4c-54886309efaf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7602141c-d401-5e65-bce7-969f633d922d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75b76d8c-c904-59d4-9459-0da60a7c607b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42bdd728-fc4d-54c7-81a7-5edf59b90189", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31c6a83f-6b36-5f75-94c7-f0736ba14848", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-providers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b083b6aa-f3d1-527e-ab2f-d10598c179e4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a7dec61-f740-513c-96bf-763610890f0e", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82826d34-20e2-54fe-8b3d-49f1b30267bb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c54c1276-a199-533a-bd8c-7c55cb784fdc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-providers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba5e7525-efc7-52da-91e5-bc8d00d27835", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4933db8-0e00-5843-bb6c-4820150c673c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c04ba84-88c8-5db7-ae5a-0baaed431ba8", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1971485f-feeb-5f09-bef3-e26a9781d033", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-providers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-providers@3.5.9-tuxcare.3" } ] }