{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:77833d94-0171-5b22-af15-36bda6de0655", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f25e8699-4436-5d97-af34-a1cc982ef739", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b737c65a-0d95-561d-8a72-27dc03dcf9ea", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99baf805-3de3-54b0-8016-7b9bd230f6d6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96fa4888-31fe-5bab-8d56-e649da2be321", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f88b12a-1a70-50d1-8534-84ffbd377f00", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a1933965-6717-50ed-b05c-cb0f47ef7941", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb7a8bf3-daf3-54a7-998e-548257004047", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16b9827f-38db-552e-84a9-032cd384f879", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76ab7af8-350f-597e-af22-717be79066f1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5024285-fda7-5b75-935c-056037505681", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b36e18a-4b5b-5452-b53b-2386c391fbe9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:75cad709-2c1e-5a3f-a4de-15b1dba5bba1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46d1f01d-c442-5cad-9d9b-7e50a68a2324", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9fcf6c7c-446f-5523-8fb5-aed94bc55269", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c15c3383-359d-5f18-a320-e2770053fe0d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5ea6d2f-3713-526f-8e82-a4308a7d5819", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c02bd04-9796-5df9-89c3-83ade0c2f3c0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2549f56c-55bf-5ea7-94a0-9f442c78d95c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ae4a5fa-68e0-55f4-aa26-73de892e02a6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67f72ea4-ee60-502b-a328-b32d0a969563", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f7677e9-0d8b-5e3d-bb84-d49006feb913", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:765834ca-d44b-56e8-8ba8-9f00c6462c18", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bcfed70-58f9-57a4-8511-9b336b743d7b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52eb03b0-5e53-5a1f-846a-043f93a4d44b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f3923fa-c90f-57b7-b844-0bfc7d4622d5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26cc317b-af44-5056-8f15-d361b4e11976", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a7adbb8-4c3a-5271-9aa5-b81bb6e6a471", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17793774-50e1-56e3-96e1-a09426b0ef8b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f86390e1-43ea-5400-a11c-47e7bee06504", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bac121b9-b32f-52b7-86cb-c5ba75a92074", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19d6756e-1ca9-5b45-b588-6614004f9a14", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ebeed6f-fce3-5cfa-a611-ce548a70ae59", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7160d98-5d3e-5eb9-a36f-571f4aec3f72", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:058b4d0e-84dd-5c83-8b26-f87f3f4ad179", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs@3.5.9-tuxcare.5" } ] }