{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fd20cb03-31b6-530b-9d0c-37ebbc25a9a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-reactor", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5cd27032-8317-5a51-bc3d-8713a839560e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f181f003-f0b1-5c43-9fd1-3e15bdd3281f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ebac59dd-d2eb-5aec-8704-512b0c031d04", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a710b675-6ae1-53ec-9de3-e32072b7ff4c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f964bafc-1d41-5c8e-a48c-56caa9759745", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc2ad6fc-7e1e-57df-8af7-b8e4942dc259", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47bc306c-7088-5b7b-bf15-23965b4ce93e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:006bb32b-e28c-59e4-bb4e-7cd97b1cc4a7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:965539c4-45af-5b4f-afd9-64b2b27a759a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10357e51-3de2-5d6a-9337-a09990697e8f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93d0109f-73ec-527b-9562-0ee4eb0c1557", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95612b72-4cdf-57db-a2be-7a72c842633e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff454de0-0c4c-55f2-b25b-0485277e01c9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:243dfc77-ed46-57df-8daf-9a8df9d82cf6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2800c25d-192e-5ecc-9553-811117e3e96d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e07decc2-6b74-5e46-b5d5-3538c792ad5c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b86146a-fb82-51f7-8819-3b5623bf8ae7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82d96afe-8b12-5c11-a003-6576c0a7f7bc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbd0e0c6-a2eb-5e2c-9ffd-e56471c2935c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a506025f-25bf-550b-b36c-d9df921cd001", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5dc52282-cea7-5970-b66f-42962e3f49ab", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09f2d1eb-9363-59f2-a6b6-79eec6b0946e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:768d616d-ca23-50e5-ae92-06820a4ac222", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20424f73-5860-5b97-8485-554f79414bb1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b97e33b-f122-5c65-ba61-08b08a5c8680", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0bacb897-9e86-5e2d-9c20-d8496e74cb00", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:857a2b59-85a3-58f1-b4ed-1e68821de40e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30e35f83-a53f-561b-ab4a-b598e9954c7f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d620e190-a742-5119-bb70-d51dbf4dfb91", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61205d65-363f-54cd-a8c7-6df23c478cee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-reactor 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be3a26ce-5692-5d54-b5c5-25b0a2d23c96", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdc36c7f-87a5-5da7-93f3-646188562bd9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da726176-2420-5e48-99db-3ef5aae0e255", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd13e46-98b0-5c53-ae54-d0e861f372e4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-reactor." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-reactor@3.5.9-tuxcare.4" } ] }