{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6fe23a0a-9aee-54d4-ba5b-ea8932f736b8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-mp-client", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:de1feb9a-3e16-50b5-8f6e-1c8c62139206", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30455c19-e628-5bd1-9536-bc46fd2de89f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75af2fea-7767-545d-bc1e-a749c614dd75", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:687c7314-408d-573d-9c8b-8fd2c72ac7cd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:437becc8-d024-5423-9446-74ab2f3dfd34", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3709172-1439-5b42-981e-5168fa9e80cf", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8390fec0-e581-5f3a-bd86-9c871fbbd891", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:799e7ec0-c01a-5561-8cfb-824ffe3a1542", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f14de2d1-af2c-5e1e-bdab-dd4e1a479932", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9025e3c-4494-5de1-8b29-49447b486099", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a44052e4-d741-51a3-8786-51733853c14f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2edf3ed-298c-5d56-a134-62a141cf5f4d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:164dff02-b6d6-52b5-96d6-b1815e89f692", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9745431a-5d5a-57b0-9af2-8a68fe71a6d2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fe7704d-af66-5f49-b7d8-e5d3afa14fda", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:693d9b45-90c5-5609-8da0-17db65b9c57f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:424f1e70-79dd-5059-ba4c-7b33a5fbfef3", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8c68d8b-17c4-58f6-a26e-6989ad39c3f1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:558844a4-2224-5291-924e-a88380632c95", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a60470ca-210f-50c3-afdb-3c546b7e117b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb762b5c-1577-536d-83a1-60648ca9f62b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14ed32dc-21a8-53a9-ad01-2ef25e4f6590", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eaa92ae0-136c-556c-9b2c-615673f2cb23", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9ca536f-aa0d-543d-89fe-573e052b656c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a58fc8f-17ca-513e-b14a-3f6e9b93d6fe", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:562972bc-b4ff-5aff-9034-78659db13ea3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc2df13a-c6e7-5fe9-ae77-6542bb8a4cc1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:625f9750-3c4b-5b85-85e8-e67da4496ad8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afb33eb3-0843-5109-96c0-b432ad9419ef", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed7c1e87-f19d-5954-b481-580bfa74071a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f161a195-b417-54be-8b7d-28da671bf0af", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:369664c6-7a32-5d59-ae0f-056e5d44a0a6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c879ea21-2c45-5b1f-aa03-b8f36f7beffa", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96f35684-8f61-5c41-bbd5-e409f5a56c40", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9-tuxcare.4" } ] }