{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3874cbc5-a4b6-5668-a9c1-c426537b7b60", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-extension-rx3", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3276ddc5-6fdc-57d2-91b4-2a52150767b0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12d9a91e-e18c-50a0-a9fc-4bf916b1d655", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9432bbc6-9d1d-5e3a-b252-b271f7999629", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2a4d505-d0e7-5304-8027-6a6994972059", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d19aad1-b8bd-53e5-a3d1-4da971715097", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f684429-1694-5631-88c2-be748c1ebb7e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:467a0dc0-00c0-579b-9ba6-28ed86d38cb0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:279b98be-93c8-5588-94da-f685a1977d07", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c716ab3-a34e-539e-921d-5d2ff68f8a0f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cdf524c-01f2-5676-a61f-c339ce2237bb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c365ebfa-5f2f-56c8-862d-dc66593f2595", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7cd87ca-ea66-579b-a5aa-c05a5d81f9c4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6154ec9b-4ee9-5c43-b52b-24cd73dec4aa", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8036dc0b-1ade-557d-9e89-a2e021434e85", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96b7136c-93d3-5f56-bc58-714a44a7284a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6532fcc6-ce87-5505-be08-d903b9385d70", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:176c6b13-541d-59ef-bf2b-8b20e10153ea", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c3427d3-1485-54ff-8d80-11e43954965c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dd9069c-242f-503c-a2af-ac7054a98a79", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec25469a-8ee1-5303-9cc9-a75c0d6a9401", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4851bec-3e54-5134-8c78-0d2017eb0818", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efa2e672-31f5-5c7b-99e1-3318e05de112", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:035c72cf-4ed1-5558-81ab-c5716bf0b05b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:912bbe76-5e81-5457-81ae-48035c36d8b9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:136771bd-3f83-5fa5-97fb-4beb37389cf8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58bc57b1-04e5-565c-8cce-d35d9bb05ace", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f369803e-ebeb-5b4c-987d-d85112997d47", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f052285d-0056-5e79-bacf-8146dceed4e7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55ef3c4e-e2b0-54ac-85f9-b575d5d27f67", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f21e32c-b86a-5b9c-8452-6857180f695b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-extension-rx3 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c347faf-d947-5e78-9dc6-551fef96b21c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2998767a-f033-58cd-974a-4f4bdb7e0c3e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed1b78e6-4bb5-5a28-993c-7fc1b1c2e2d7", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03ce028a-df70-5912-9e67-709cd9d2f22e", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-extension-rx3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-extension-rx3@3.5.9.tuxcare.1" } ] }