{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e934515b-6631-5f2f-b243-eb6130a547d5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-management", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:27aafed8-15fd-580c-ab5a-740451a56986", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:060b3f5e-945f-5b6c-a835-51d2cf7886d5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6cd2b19-f42d-52cf-844f-b8ade7ed2c51", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0655bae-f2d6-55f1-8417-7d4967139567", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9444faa-d4c9-55e4-9e42-068dea39cb4d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:755e61c2-cc9a-5f1b-9c4b-d9fd2c342991", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58456d26-886d-5dc7-95ab-325258707b7e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1a1f64a-15e4-5a8a-9915-82fd50706468", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5266656-76ab-5089-8355-f016f62bd7fa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:825bdaea-bc39-57cf-807e-f0c9c146073b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94cefa15-1aee-538e-aa14-ba695ae294c6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed751b29-651e-5197-8fcd-7a4fe4d967bd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab2dbc39-f531-5b49-836c-e81df35f083e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8343321c-2656-55cf-a064-f3491ac0283c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a059333-2e5c-52d4-8557-3a1050b53f77", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86975801-ddd2-5e99-893c-bd69c77af85f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47a90512-75bb-5d6e-9635-0674f68c7735", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:918457c7-af33-569d-b40f-26025f8fad63", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1707d14-56c9-580a-ac0a-c18d641f7172", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6b1c936-f888-5b7b-8aed-dca3056aafa7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5332bdc8-22db-51e0-a414-55013e44eef8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3655c903-1eb3-5a44-a070-f6afcae750fc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa8eee68-067e-5289-ba31-816fd9a70724", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b6a49e3-32b3-5bb6-a568-8c1d57c44e7a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e105c216-2ce4-5ccc-bdd6-fa04351c0c91", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4e772ea-fee6-504a-bc38-9f966c878c18", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-management 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3c8a20b-b1fb-5d44-a1a4-ba454e2796b5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05130044-ee50-5f94-9091-6c594801e4fd", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-management 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e40d7b53-7a96-54c0-a347-e365c84d1837", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c99881de-b17f-5cdb-94c1-1111c5061459", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-management 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc0b475d-772d-56cb-b9aa-de6ba3681f05", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0ce5bfc-ef8c-5b19-b4b5-4b100c463474", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.11-tuxcare.4" } ] }