{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:287e8131-ef6b-5951-8372-045b00b4ea28", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-sse", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:854e5e52-4741-554a-a60f-10784f50992b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7ca3600-692a-5421-9efd-75bf26f141d0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d555917-97eb-5981-8379-376ae9c47197", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0bef0794-6c1a-550a-8b8d-c5b4cc0e88bb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99b5618a-7dec-5264-8636-a5781ac03e09", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bc0b07d-fb3c-59bf-8089-e7a36d6122e7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a16dfd0-a32a-5b3c-85b3-61c81cfcb051", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26c2704c-f7d9-584a-8adf-0338853b7d6c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fea9c8f-f14c-5e01-b1bd-51bdc7e46e18", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e638b993-91d9-525a-943e-019fd0803edf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c4a1232-cbf0-5219-a14d-7e62d467684b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:425f58aa-3de7-599d-bcc5-fb0c348cc674", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbadf2b7-eed0-539a-9f53-89cf1f918c74", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87f9ce2f-b514-51e7-821b-7dd0692bb3e2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1387b85d-5003-5752-b8d8-b9329c6d8db5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0163f967-7210-5856-a3bb-e1f4da98da29", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18e26789-f754-5853-9955-f555a4ffcc17", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5983097-6518-5772-9fd4-61bb4b3764f1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf5e8f39-c09c-5b55-b10f-3dd6d1d6d5ad", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56f171e0-5541-5b98-9a94-235f273206aa", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e65afc81-b9c1-577e-9439-5aeabd45a147", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45aadd1f-b243-5fd6-89bc-3dee1f2afa24", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a415394f-676f-5d96-965d-4b3c56cab64b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c106b99c-1a2a-584c-b506-c3a63c8ac510", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed2402f7-e564-5658-9aa2-226b2fcd7b5e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:145180a8-bfdf-50d4-8d12-bfb358006cb4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7bdce663-7259-5953-8554-b87fa409421d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab8065dd-9744-5c32-b440-cd6aff9a6691", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59dca414-a1e8-5cad-8b5a-79a316b93bdb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d94c8323-ac57-501e-be77-4fa91cc8696f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-sse 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccf86798-24f3-5f1f-8b8b-a1f39f254efc", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d09a4571-56ec-5927-9966-18d522977fc8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46392772-2877-525d-aaa2-de85ed64cf95", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0da12cef-7200-59ba-a27f-ed7d1525c821", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-sse." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-sse@3.5.9-tuxcare.4" } ] }