{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3f685f11-e1cd-509a-bc02-e528c4dd305c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx2", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d613c420-5b77-520c-8f24-4b359a08d6b2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c439c3f-eb9f-528a-8445-e583c4652ea7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c0ff259-0e18-517a-8397-e1eace9360df", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcec33d7-78ec-5a9e-a5f6-a297255333d7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98c056a9-1ea1-5bf6-ae03-4a3868952b6a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e97328f-41ef-5972-9051-70d3f77ca895", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d9a5ac3-cb4b-586e-b44b-49a46ca35f4e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64009e33-ccfd-5e3a-bb3f-498d9257a114", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66127865-5c3c-55ab-8380-7e96296df613", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f83c643-e433-5c50-b40a-fa915dcc4f91", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc9110ab-82e5-5b68-9377-0a2fd9a3a469", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01fc0a8-44a7-5475-b460-0ca2b7a12013", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b5a9b94-d6e4-590c-919b-ac111b0838ce", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:716cf973-fe7c-55ab-b038-3a4383be2942", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee189b07-f5ed-5ac7-a765-7ef2362dbbb1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea799887-1da6-5f65-9e38-798ee196882e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71a5a42d-b8bc-5471-b80b-17b69fbb7e4a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:672e0c8a-fdf3-54bd-9f8c-dfd86d2d36d7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19aad394-8050-5a40-ae72-4efe7ad4fccf", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40eea13c-8d4a-585b-aa94-17e439a2a226", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7f9a317-02f9-5aa4-aa3b-1fb8bc428366", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3e75504-2732-5164-992d-bc8d755155de", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7a1d318-dd7f-5631-ab5c-a6c29d786488", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e7f8fc7-24e8-572a-a63d-cbaf63253bf6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6786398e-b02b-554c-b4a0-6019a189c51e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:967fa51d-4be3-58fc-857e-adf536fad577", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09811e2a-1497-5991-abf4-a1c43b8ce860", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ddd7a21-a493-586d-895c-1f0295b79a76", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:797737d4-755c-5c85-b49b-7a8611833281", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6936422-dcae-533b-a1a9-a48d75d6edf2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:591c7268-dafd-5d3b-aba4-816bb29f6538", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2196b2ec-e651-589b-8fc5-d5bbabfc52db", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3d87b37-782a-516d-8446-14d042e44534", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71c7a0d0-9453-5302-b0ce-cc0725b972c7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.2" } ] }