{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d42bd956-e381-5077-81b0-b5dbb36e3021", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-management", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c979d5b-1201-50f3-959a-07c39076c4a3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc2a1ad4-2f4c-5120-bb8b-da709c30d2e8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80c75dc6-f6ea-5a35-8de9-1da8b65f1178", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:735495b8-5c7a-5e7c-9330-bea1f5e82ad9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:708cf03e-c059-5037-bb9e-5992c040cf83", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:792b563e-39c1-5e96-9fbf-3e0975714da0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05aaa587-3aa8-59dc-b152-e6be05b5a1a0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64e186fe-84b7-54ec-8f04-7c14d630db90", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b17b14b3-c5f2-5ecb-baa7-7422bf4322b6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06c7dbc8-f992-5acd-ab02-e5ae84a9ce8c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efca8558-1c13-5670-b5f2-f6807806df1e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5f88774-917c-5fdd-91a5-f47ce5895c73", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6d7f354-c001-58f4-85ed-032770194fd0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d701d5c5-051c-51f9-974a-e61097f74f23", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c595ce8-670d-55b5-9970-8535b54e3c54", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b1c660d-2adb-54c4-925f-af1838c09213", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47fa0b66-1b5c-545c-9163-fd67f87be7ed", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abaea37f-e48e-5da1-b5bb-4b82627ff89d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cbec472-e909-53f9-ac8f-e5c73d678980", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa667d0e-87ce-59d7-aa83-2a7de223799f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:063d46aa-bc53-5d3b-8171-4a1493eb4588", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7674055-80f8-511c-b95e-60f34268136a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bb787f5-d9e6-50b4-a503-469c6006bafd", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52f07119-d080-545a-9a59-a7abd876d8f7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4e44c63-4d92-540c-bfae-7fae752eceab", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ad1477a-1651-5c60-8451-cd90679cbd4c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d05cc4d-8f65-5816-8191-108f5f0b38f0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5065e015-d5c0-5b7f-8393-64f2f8d64c69", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f275e757-5350-533f-95e4-a4017cefbf55", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98f5c9d5-8a06-5380-ba01-616c713ae445", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:053dc7fb-ff6c-5105-9ef6-fe26c442e31b", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eb40eff-d238-54cc-8142-59155a8c2fb3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8c24dab-c23a-540d-ba59-9bc494d5a856", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94a7a5f3-9b61-5bd5-bcd3-a3d66d1b06a2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.2" } ] }