{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f31965a3-fab3-5eab-a9aa-453aaab49eb2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx3", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87cf3c3c-1fff-5189-b1fb-6de9a63078c9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee869202-a107-59e7-9667-33f24980ea74", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:270bef40-4b8c-55d2-9d82-f29300dd965b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1f43593-c8f9-5575-a601-b78318190fd6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4edc11e-b7a6-5a76-b297-f22c32efd33e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10ab3961-c087-593b-a033-9fe4a2ae9c92", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:055f0f19-c229-57f7-a02c-bf35244a8fce", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c758490-aa15-5bd5-8ea9-3d5b4de4305c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:349810e3-f30d-53f7-bd53-b42aafe66aa1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd74e63a-4cff-5336-beb6-a8c8efb3c5df", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:174eead0-fcbe-526f-9c50-e9636276a313", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:710d94ff-9c96-50b6-b7cb-5f982847b0e1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5fc644df-1f6e-5272-998a-b86622303af8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ac4bd8b-91fd-5f75-b9b6-5176bbc0b385", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebc18553-1a82-5415-b25d-813242fa0518", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e106953f-f9a7-502f-b996-ef8e56d3ac2f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8b81000-a7e4-5fb8-9079-12aaa3fcab78", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:740de6e6-b541-596c-bc9a-1eb3d2756742", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c9e9d66-b462-51e5-b651-01f89ea0bd35", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3745b2f8-0384-5993-9817-a40352072e08", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ab673cc-7fc2-523c-85c8-eeb036dd642c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b16a0b1-9d93-5da9-8f12-516ec75a22d3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d35d888-72a6-5a1b-a6b2-3a65640d33f5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbbe056f-22a7-541f-87fd-b263b4a490a9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1a43623-1287-595f-a77c-1b2e364ec16e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfa1f390-77c2-5556-874b-33765b36eb3a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32fb23be-0e1d-5957-b494-0b08eec42dea", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8ed9530-dc6d-5fb4-acfa-ae1c20d66a1b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29bed622-ec9f-5c2a-8301-14e3e381cd3a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5554ce78-7126-5983-aeae-e03dbe442897", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:129890f5-a2c7-5ab9-b024-72f4de4b3764", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fd1bbf9-15b1-5bb6-86e6-145cc8ef0255", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6aa34c8-8e58-574a-9ce5-386370696aca", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b25df6a-ff3c-5415-8bde-41cc1157efd2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.3" } ] }