{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b3801867-126b-5edb-9886-921e27b011e3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-reactivestreams", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8c2e583e-2bb9-5e1e-931c-25f17fe198e5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0939ba8a-05de-5b2f-9e99-61866ea0dabc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38444515-38b9-53b0-a19b-d5c4a6bc770b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:625db7c4-3baa-57cc-96d6-f18186e1f0f3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13038508-6ac0-5ee9-b952-688927023541", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:847302ec-ad77-582b-b08c-c15cda39f06d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acfcf827-e8bf-5916-90fc-90fa2a4cc6a9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fe459e6-b4bf-5fa6-9ec6-87b82d5e7cad", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:151f3c66-c41b-5071-a28c-ce16defbf99e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3907a67-ed13-5897-8083-fd78279a97bd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76349f96-309b-5cd8-8b83-9064acfbd064", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8341017-2974-5db9-be6b-850f98ff507d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca8ecdde-5eb4-5271-b3dc-4e629dc456fe", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:661c0b42-e21b-5e17-abdf-d315c64db7cb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f93fcd35-9dc6-5c6d-9860-945d22fe6d6b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d93098a1-d315-50e0-ad12-44ceadb3fb35", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:329c8c1a-610d-526b-a5cd-d30e84020d43", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27b3e7c2-5dd4-54a1-bac7-a59625f74ef8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:901a28d4-363e-50f5-87d8-26bf56afa538", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b897235-8c12-561d-88b8-4a519e7eb318", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00d405c5-001f-57dc-8ad8-0799a9fc57da", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5e83d70-cdaa-54f4-8e75-e30f968e99df", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb336dc0-e72a-5656-bb61-d77ceedf9faa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf3b63dd-605a-57f0-9a6f-8a7fcc6b902b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:458135a7-d492-5c34-99ad-93c9dbb8ddd9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31ff7eb7-efcf-5e28-a860-1f4189f2b5aa", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a38462e-1fb7-538e-a928-52ba5165dfb3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9007e3a-7cc6-53b6-bd16-e9db62d51be3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:124cbce4-2661-561b-96a8-1a96349ebd23", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8849d25-ac93-5ee3-81fd-66822194b6a3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27cdd277-4492-5059-a664-5ab3bb4787fe", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8784463-b91a-59a8-8cb8-4333ef640629", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdd4725b-15cb-5b9c-ad70-196536ccd434", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:befb18c1-3b8b-55d8-9f43-5eb24e0aca8e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9-tuxcare.2" } ] }