{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:af4d6da5-70b7-5bec-ba47-e2d482474ea6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-mp-client", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa89c98f-1820-55a7-8935-21de30edfdd0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef1acedd-c953-5842-9878-4f9ac52bf063", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c6420f6-8772-566f-b1a7-6f1decdebf19", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00bd7c1e-dc67-5d74-b49f-933ab584d00a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de595718-daa9-5574-b146-b99c5d807f20", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27647c74-6e11-5e41-8ada-794a40c1b18a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f76c6d19-1da7-5aff-bb16-97bdbf069bc7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9eda73c1-6702-5a00-849c-39e82bb62e46", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95138ac6-a8aa-5ffb-883b-3003a7437484", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8a3f00e-6fed-5781-ba8d-02693a7ee9d3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb38f202-70f3-5255-831f-f43e9ec06a19", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ec193bc-34f4-5807-bc6b-7aa55ea0f0dc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3aff9534-d7bf-59f4-9cac-280dba57d80e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c59d7d6b-fd4e-53c6-8aa1-e66a9e352805", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f2bc48d-f4bc-528a-9397-ceb8a5feca7c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48f78bb9-b35c-5254-a995-cdf4eab0acc3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1880bc11-25ea-508a-ada7-5d79c4fdbb1f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11ab5397-99fe-53fd-b2d7-03967bb6eeb1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e2cdd45-060a-5858-af66-4625f1b1940a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a12edcc9-dce2-5b9a-9f75-60ea74806d01", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55342134-bbaf-5c08-89d4-70d44e585358", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba25a5c0-7aa1-52dd-9cd2-f05e20586d42", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddd23984-9a9a-5383-8d3b-0af9fe4e7a24", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8dc7dc0-173a-50ad-a0c6-e1f767225587", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd5a8e92-5a6b-5860-8d15-baf724030aba", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0ff6eb6-5e35-538e-978f-66296991a814", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ea67d87-b094-58e6-98f6-a33939a14860", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a14bdc56-53d7-5c5a-b7e4-d783f6eae40d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:496cb7f1-f8d1-59f6-8c6b-bd9f395cab9b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8da3d7ba-f7cf-50e3-9396-061dc47518e9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72655e0a-6f3a-51c9-80e8-1fd018ed4be3", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7798f5b5-10d5-574c-bf73-21be2e5eff49", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db91c472-658c-5075-9d1f-eba50c0f8521", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77c9428e-449f-5883-a337-7c746c34867f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.3" } ] }