{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:34c394c3-0441-5dde-aaa5-dc280a9790c3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-reactor", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:16f01bef-5a2b-5aa9-9799-19152d2aec73", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ec24819-601d-55a7-9408-f4d7bab34710", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd68d9d3-def1-502a-85de-2d83ef1864d7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40fbf627-c4d2-535a-aaeb-c031410a1681", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ac7db10-3204-578c-a1e5-1ce82fe673c5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dffb44f-5882-557c-becb-18c20bd6be66", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaff454a-736c-5be5-baca-14a685f1df21", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d96ec9ef-71a6-57f1-a76c-58fd04d8d5e0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5dc4c7b-13dc-5248-95bf-8672638c6f42", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9f1c148-3c78-5368-8d9d-116d31e37d3d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:905ef9dc-0f88-5639-b5ed-900efcae8a64", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17e66236-1bc7-5ace-9214-c8c624c34cb1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e375af8-272e-5d94-9132-d407ca2792c6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b57b1bf-933c-559f-9add-0778552cfb39", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d43ce20-058d-5fac-b3d0-7eead58157af", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b11d6615-9405-5f6b-9063-f0ec55ecdac0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:957d079b-cae5-52b2-a77e-a37a086223b0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ecd9b41-1686-5106-a759-6a260df76dd5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c7ff9da-8e87-5d64-a95b-8d66ac3963e7", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c86ab2d-ce49-5d75-b853-5af23a7748ad", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11898b57-bda2-56b2-86fd-884f5a70bb6f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3e1675c-ba5e-5099-a15a-8df23f60214e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae3b6c29-eca2-574e-ab35-6a7362a118fa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbd981e6-47ad-5bbc-8c48-8ab9827fd5ed", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fd08eca-aeda-5e0f-be1d-6b7e2457677d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c28df04c-696f-598f-a73e-b99d2c4e40d8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8fc05bd-c8a7-5415-9670-795f40c26dfe", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5e916fa-c59e-5b2d-8897-1858072f704c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02e98c68-3fc2-5a36-8136-a8aac0908d18", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ed93fc5-6d81-583e-828c-bcbe0e89e684", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5c93d85-f4d3-5105-a1ed-99e880149bb4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f080f91-276c-5649-a221-9b0f77baf86a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f9d3b7-cf15-5b05-b98d-bac77cb97a74", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0092bfe-a496-580b-ac3f-53a6568a55b5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.2" } ] }