{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:60ab20a9-28bc-582b-9f4d-def553650288", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-reactivestreams", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:289e3e0e-5327-51b7-b9af-b1abe65f0272", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22b28add-6bf6-5b47-9a65-404a69ebc3ac", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a4e677e-189d-52cd-9233-30e639135ab0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1d96a1f-2a9d-5e42-baac-2a662aaaedc5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d62fd19-e6c9-5f5e-8859-2bd20fb50bd0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e7f511b-9ea8-561c-9ff0-f934887589a7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e60feb25-d8d2-51bb-8181-0f41aca5cc4b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84bacdab-44cf-5562-8527-480c876a67d5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2dd4665-49e1-559b-97e6-c587654c2ace", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7de4efb-d4b0-550c-8098-0c2aafadcb5e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0eda3dc-98ba-58eb-8690-fa78f4f90ad6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf64163c-2c89-5549-9e9e-9238cfbe0555", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7efb63f9-f939-5932-9084-1d63c0720f06", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fed5268-819c-5aa8-8d97-9ece11f152c2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5277b60-ea5a-5cee-9b75-ec20cb3b1026", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4009c31-1af1-57a5-b536-2ff41bec3b74", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a3368e1-5389-50f5-8b45-a697695c2bb5", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:817b4790-67d5-547f-8cb6-2573472efd63", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c37d3d3-99ce-588b-b95d-2de2617494f8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00d07f3f-a992-5fb0-bc8c-08ec33023482", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9feda95d-d59b-58b8-bc23-f10e4777c095", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a3e60e8-b2d0-53b1-919e-98ec60cd75cc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f6c6ee-6e8a-5acc-baca-b685707d8fe5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e2bb535-cf85-569b-bb88-1b723666d63b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1f8554a-dd0b-513c-a025-68aaa83f43b1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7f7c5fc-0cf3-5ca6-bb42-fd3c59a79659", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38b6b5ad-9960-5fc2-9e07-572558372f83", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94232d78-0153-5b0e-bfc2-8e6bad97f705", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7f93340-25f3-5ef8-8135-03f8c336df14", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f57d8c0-8b7b-5b1b-88be-83a1d4ff8ba9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactivestreams 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:798c69f8-8519-54a6-8ef9-52dd1c0e4f2e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c3e8ae8-006d-5dc6-a217-92a5d5d5b82f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75632cf7-4003-503e-b7b3-4024d9cc3dfa", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efea3f3e-73ff-534b-82bc-79a3fe2800f6", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-reactivestreams." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactivestreams@3.5.9.tuxcare.1" } ] }