{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:adc266cc-7a9c-5cb1-bbb3-026d612e1ae5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx3", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f4fd4fbe-de36-58e6-8141-dc5e72c90522", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2839a342-803d-5609-b4e3-25c507268413", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ad23346-fa94-5789-831d-f347ee4d89a1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d550826f-55aa-5e1d-8fa2-ad9d0203e90a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e357c88-4e29-5284-9030-38a8c7500e98", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:354fbe48-df18-59d5-83a0-fc97d7c3a172", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df385819-6565-5ff1-bb72-ff792f198c2b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26671c5b-6625-5161-a9d6-ceef7b5fc0eb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:140a9742-f2e9-5688-bd01-3ecfb95879a7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0b85362-5892-5faa-9caa-beae9b9740ea", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:778ab6ec-d6e8-5111-8bee-51974321f3bb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2a0d9f7-3ea8-5f42-9d0e-9ab5b976825e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6d62abd-0a32-527f-9df2-fd6578568163", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:406bd130-2053-5e94-8c8f-09145a056c2e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e9ed4b3-5bfe-598f-b081-458206920af2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc5be381-71bf-5337-a8ea-3a6c75ecec89", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b314b7a-ad36-5868-b829-e19a935cd5eb", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b06abede-2052-53eb-b2cb-50f19512ac9a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d41b0427-6413-51a6-9525-04e9a31d4c3c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bf4df6d-67db-58d8-9b9b-af085170423b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bafd9e16-4543-5a09-bd8e-0662d4fa9d62", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b60421c3-1aef-5505-ae30-6c2cbd3ef405", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cba6f041-749d-5de0-be34-50fd101d96ac", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:760f7422-d848-534e-9fab-bf75cd7ee164", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0aa0f1bc-3aaa-51bc-aed8-6c10dcfe2e93", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:723ef5aa-41d3-56a6-a36c-8848af2e1ba0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b12eee1-124a-5bc4-9568-cfa7c85a4574", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb478e83-fc8f-54c3-bda7-b240f840e4fe", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cec0cb59-420e-5ef4-a677-488a62395b04", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35acff27-82ab-53f3-9a42-ba90ff1589a0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c30081c-2156-5331-a297-ec4782d1a649", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b6f5faf-bb82-57ac-a688-ce4da0a5271e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36e5cbd5-aa8b-5241-ab1d-87e30e395567", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:684865f5-3f80-57a8-ad62-94942f0d9b23", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9-tuxcare.4" } ] }