{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fa97c443-5750-5a13-bca2-096e3b499bb7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-mp-client", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5d875ece-713c-5159-b375-f12d3f421752", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54d1321f-40d9-5149-87e5-ace82d1c9288", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90527a06-5981-5e60-9a13-73d90359ed3e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:401b9611-f718-546f-8797-9fea51d05c13", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d964a860-9877-52ea-ba4b-d25f34de9299", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00b5a730-4dd0-5cd7-bbdd-f980d7713278", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9b94e57-6e41-55a3-bf5d-ae59986d0f4f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9761128-ee69-554a-b3fb-c2da4ccffe0f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:680e7188-8f87-531d-a6b4-b69c6c822578", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f3e6067-beed-5621-bb65-b57051dbd725", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79c5d862-c26e-58ac-934b-2bf0f5bcb9ef", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf6f51b4-4dcb-5d04-a943-196a5b6eaab7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57901bf3-82fb-5511-9cf5-48fc4a38a024", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99622053-9460-597f-909a-26fa51e68530", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:540768bd-bed4-5e48-9f3c-a214ca880b60", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f75cba76-2829-5b54-a332-e6559f2d6d44", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c89d2b70-6f31-5e7f-9235-6251d4d8ea92", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34ac535d-4fe3-59a3-862e-4b0f021d90e7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29c53afa-97a3-59a0-ada0-84e0e24f723f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96c56e11-1095-51aa-a660-30d4afac4af9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b14b8903-1f18-5faf-af29-e57be3e5ea79", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e99ef197-b459-5427-a44e-ea6e8ae7f41b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c65753b-cc8a-5931-9a71-ed6c70f1177d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fadd2f9-25c9-58a4-9f0a-719adcb59815", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:746dd70a-1eac-5055-be75-51165164f04c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fbf0ff9-4ca9-5402-8d85-e87064de4235", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4b74a86-aec5-5694-bd8a-8dc8d7b2bffc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be894cf9-9b87-5e7c-a6a2-e86df0b4f154", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0dc0b6e-a5f8-5df8-abb5-bd3f0a8f7ed2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4362ebed-9533-5b9b-b721-d4ca34a5d3dc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-mp-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4d54513-9015-55bd-ac8a-68297c2b2fab", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60674f96-ac2c-5392-9d40-565da202aa25", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29aa5627-db7f-5dd2-8e13-0a86e1e269dc", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a8812e6-8a9b-5e46-854e-9def380a1605", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-mp-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-mp-client@3.5.9.tuxcare.1" } ] }