{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8214df47-77fe-5a2e-a68e-1c84871f7147", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx2", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fc1bf246-4c3f-50e9-a68f-d8637fc43ef4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ece3def-ea61-52d6-88c3-eae6ecef3680", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a20a510-87e7-5343-bb1c-94cc68e663cc", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43a81cd0-cb76-516e-915d-3da494fd6694", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3eb15958-c433-5be2-b93f-20ad1f00ce8a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e3af911-f93b-572b-ba05-4086bdbe999d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbbb5911-d70f-50e1-8f65-f970b3a5ede9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:189a1a8c-8b21-5660-ab46-43ec0124fdbe", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:508688c8-ed1c-55d4-ace0-67f8b867f95a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af908dfb-7055-59ef-a237-d77a02989b54", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae03a164-625d-5caf-8cd2-3538983412f4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:906943c0-82db-5f7b-a140-8610a64d3485", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb289f9e-790c-5977-aeab-2affcf19c6e1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5b0c110-fd6c-5644-b5f2-5a8ecd54c236", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8111fad6-356f-59d7-ad9d-8fdcaf844f79", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d8e77d9-9a76-551b-94ab-ac0ce04f93ec", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:498e599a-57c8-5c3e-8a6a-1c469c6b3b5d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0e7894d-7038-5778-9961-a669982cde90", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0628ff06-be41-5f45-80da-88643063e68f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f7fe737-a378-51ef-84a4-7fec05ef87f6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:161c202d-6fec-5401-95a4-b972da4a2873", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a137435b-8bf3-578b-867b-4a2acff71ec9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b223ccdb-d581-585d-bd00-aae0288124a9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:021b11e5-cacb-5ec6-b9b5-b499d754e2f6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2449ded4-a75c-54eb-88e6-62422df2080b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58d8d260-91fd-582b-a84a-09fab4a1e428", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d24f47dc-b0b5-59a3-80db-6686f2de5576", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a127dfb9-3558-566c-a061-132dc67e2214", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e12be910-f9d6-57b8-b02c-bf080984ca8d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a901450-41c7-56d9-abb4-6e9ff9935944", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee6b8e61-573e-5846-b4ac-e7af9994036e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2a8be4a-ced0-508b-9992-e537d35f6f86", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7573345-bcd8-5d4c-82e3-99e752b6e0b5", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa3809b4-b21a-54fa-88f0-fab9ca35bc34", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx2@3.5.9-tuxcare.4" } ] }