{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:50b5bd95-bc70-5536-86d4-57459ba4fe80", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-reactor", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c0e5b11-d91c-5eee-a015-e0de10ececd1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d3841a5-9693-58f2-9f83-9db2be4d84b7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16872c8e-ebf8-5378-ada0-f391f9163fa6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d58e7984-0242-59de-b350-f7512207896b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e62a774b-7ee3-511b-9524-fa9362b0e2ca", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4768e9da-ccce-526a-b357-7511fc3a5bb7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cb42a49-d05b-5921-8625-7d2b50131a04", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0670664-5e28-5cc9-af8d-c6ce4b30469f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c808c85f-b55a-5ae9-b091-0e6472f0bb13", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dd0a5c8-a8a0-5037-89c2-ae674dfc1c38", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c0bc4b0-6815-5ed3-ad64-715e6b278ccb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a494c25a-7fa9-5af6-b45f-99ab98963834", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:633536d3-8f53-5c4d-9120-ff240defab01", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a16ba36c-9cd8-5854-af3b-89ceb4560a5c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0352a532-2d31-5437-af33-2d03d4963925", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9b06b57-7311-5463-94bb-d3de814046f6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b11fbd3-a61e-5bf6-942d-934ad798276e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c701e92d-6823-585a-927e-a5f20de0d40b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4ee7590-081b-5e2e-a6b7-9c63eb1f27c9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:095e30eb-63ef-5b49-bc01-8adbf76fbed7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0f4e108-b966-5cba-93d4-080a72c84c20", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90f5512c-6243-5b29-9e0f-26cbe73c5ba0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f654ab3a-268d-5493-a31f-11be3571fc69", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5aaf76c1-800c-5438-9187-226bb1edc580", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc7991d9-5d10-5e36-bc15-175bd55e5904", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e378cbab-0d2f-5487-ae6c-1257fb066072", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d8e8a3e-2009-5197-94bc-6030341dbe27", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a91a1523-005d-5bb5-8df1-925700009752", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e149aff-d845-53c8-90a7-bbc94f4fe645", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1741165f-abe0-5e8f-91ad-b5078553c4ab", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56831c2c-7a52-5838-a2a0-adcf8d5f6b53", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2f3023d-a658-54db-96b4-29e4224b897e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.11-tuxcare.3" } ] }