{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b385e056-f369-5392-9832-7bc923ffca29", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx3", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06d462d8-7c75-5cbb-a9e4-1f861d9e20c2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db02e720-7b5b-59f6-9d92-56c2c2da05d0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:526df41d-215c-59c7-9f29-6b318b838838", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:247fa226-2d32-5de9-ba49-346f33837c8c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:905503ca-214e-56f1-9ad4-7ef370d5b200", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a23f8455-02c1-5781-8e94-5ded89fc1ee3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47d1c356-381b-5d6e-967f-91a5946be966", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3888658a-37eb-5396-9909-3dc620654750", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f929ad01-ace0-535c-8eae-79961106c2e8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:654ae30f-f42d-561f-a5ef-1f01fe6b95bd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7800a215-3577-54bb-ad17-ab2ba672e0ae", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d875ae6f-a9f8-56ee-81eb-61520eb0c457", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51df5e73-188d-5c37-8d20-639dfe9a6a0e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:700bc064-f735-5703-b106-143ae7bb8c42", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78182e9b-8812-53ea-adcc-81dc87d53bb8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94350597-987d-5efb-aa6c-1281654e760c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f33efeb-58f6-5aeb-8349-46d52f5c864e", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db7ab15c-1f5b-51ae-aed8-ab6b365074a5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87e23a0a-4eae-5a8c-baf2-15825aa4f659", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56779552-ad7f-5dfa-859a-16e62650b271", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebf3765d-acdf-51be-bffe-8ea783879004", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8cf3498-a072-5c05-9dcd-7e30a832c1da", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b50812ad-ed02-5d7a-ab8f-d4d39b5bb63a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b33befdd-69c2-5ece-889f-0b42e68f0ac5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3c5d4e6-baa0-5862-9e7a-3131dcbed1e5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f390f115-6a4d-5873-a53b-a45d19dafa58", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5a1f698-b18f-5916-a04a-9a13884dc815", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b62b2223-334a-56fe-a8f5-8bfb2578b8b3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fce15161-4907-53c1-84e7-20b5638e4191", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8001d3d-2fed-5494-9d49-9047a0c982e4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89b7bb5b-7b42-56c9-9f20-b32b8e65d515", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:862312a1-5874-5f16-b69f-47f4e4197df5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:729e4759-7870-5719-ad4d-9578ce2b1acf", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:381fef02-76a2-5cc4-9f80-79483b8bc66d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.2" } ] }