{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba2cbe1e-df95-53f8-b09f-abf5a64b9c36", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx3", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:313c0b8c-f1bb-5700-9ff3-3644f17c11e5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f2691696-2904-5aa3-b6d0-57e8b388d4ba", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f9fe537a-08f6-5fc6-98f6-0599dc0b92d2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:89f3485d-d1b8-5308-ab24-89200aab489b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:967dc596-0e08-5f4f-be4e-280215ac438f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d9bf10b8-d947-5f77-902e-f554a1c8905d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5f93c852-6839-57d0-b89f-c3aa4074a974", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1ba1cd7c-839d-5d3a-a1b6-6a3324733054", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c1f65d25-ede7-5045-8688-c3f336699da1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a7380f1-45cf-5315-a6a1-bcd718b4fd64", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:acae2c3e-1dd6-5f1e-a4c9-a88e0ff6f4a2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fd057ec2-95d8-5517-85d4-f54ab78eeaaf", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:18c96ec6-78b0-5ee5-bed5-de61a6c5124f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4323c4c6-3626-5292-88e5-cd91d29427ed", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:784ee4a6-6703-5ca1-84a2-ab8bef90acc3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:850a8837-bc39-51ec-862b-cab1b89c3676", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:80dc7401-872f-5b73-bbef-af648ec81220", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:94b00c19-549d-513d-8309-21bff485d92e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f687485e-87c5-5ea9-831c-1e04ded705d8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07658a43-8ac3-5189-9e52-5f8423a5d134", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6fda3872-c57e-5b58-9633-4e7009153efb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f17aef49-8156-52c3-9a9e-c3d03148fa38", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:56dbb1cd-9402-5633-9824-a093e04ccda1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:69a0d0a5-ea1e-5e7f-894a-f3bfc05ee85e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:419614bb-1705-5661-a054-f900450d529c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b864e2c-a3f5-563c-9338-61bdfd7af2ef", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:906bb8d5-658b-563c-ba88-6df72df27540", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aa8a9fa0-e3c4-535d-bb55-774310422dfc", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9879d50c-c49f-5e7c-9fe2-28d5433b1c53", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5f6976cf-1c2f-5aa5-b9ad-e64839b4469d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c2463b38-9c0e-53bc-970b-9c82aa7825ee", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c6f6635b-07ec-5ac2-a8cb-cedd82e9b6e8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.11-tuxcare.6" } ] }