{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7998d55d-8017-5dd4-ae01-1802696c46d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-sse", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ccb86d11-626f-59bf-8d94-ed78689cee0f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48d6007b-9221-58cf-96d0-93a916893b01", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7746c005-0b23-585d-9714-452f8de60fcd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76eed6b8-1bdc-52c3-b24f-839fbc9dc643", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8114509b-3040-5889-ad1f-bba7ba8d8a5c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b4cdd7a-9d2c-5e7f-ac08-83b44dccf734", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5649829e-caf2-598b-8eab-d948830f8c03", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44858107-f309-5dbf-a725-5d270e8b621e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29973e73-5fd5-5589-a2b0-68645cb8d90f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c518eb6f-b6c2-59c1-ac5f-4885ebea2161", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccb0f199-44aa-578a-925e-1e0d78166a3a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:988701ef-7ab4-51f7-acdf-cd0c1fc2e77e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97bdf937-f2e2-5602-aba1-5cb1ec484599", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ba58675-bc7b-5b79-bf5e-7a20cb870381", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c61c9582-102b-5e44-a14b-e6f416755b66", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7962f81-e803-5b26-a010-1312451a17f9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af007384-3bf5-584a-979b-1beedf85b5db", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8baa8be5-770c-50c5-907c-400acbbb9277", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb92ebe8-293e-5b90-a604-002e60bff9c2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:972e4071-ff27-5a7b-b2fc-fbbb476dbf78", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c102618-be03-53a6-99eb-dd62e692ce7b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:557d3efc-d0a9-5068-827b-9a65ba7b9a2e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af1401f3-f4bf-55d5-9fc6-4a24330d049a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c13f187-6a20-54c3-b03c-f71d9619d83f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4555235-5c2e-512e-aa46-810d0c4e2a38", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3855e048-6a5c-510d-aeb2-08353fc8609f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5741e06b-8e8f-5dcb-9ae0-6f12f768f744", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f86e7e5-50a6-5c9e-a4eb-47f09cf0727f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc6cc165-fb88-544e-9ce6-36dbbb1e5057", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65bbdf80-2345-5934-b4c9-e65a4f2a8536", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fe7d624-55d7-5482-a5a3-752ac63016e4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a069a8ac-1d36-5a8d-bd0a-e7e92579a678", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90719426-a696-58aa-8b97-c6ab585d82f1", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffa83a8d-8994-5ae3-aee1-c6ebbd290014", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.3" } ] }