{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3f97755d-a384-5640-a302-047581c42731", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-management", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c2cb5f31-6784-5e8f-9e77-93446645bc23", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e89872b6-f8c8-56d0-a5ee-c3beeae72fb2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d848e84c-fb39-5f8f-a845-6ae1be031f86", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be65ee48-8471-527f-8731-349f2a7ddd1e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7235d97b-1f90-5698-9031-1ebb4a2c1ae9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dca37462-aa20-53b4-95ae-b471b428ebc3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:324ba2d0-5cbb-58e9-bd85-3f0b8402471e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f099a828-fe47-5cd3-a264-af200f30f3ca", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5163106-7f51-5682-84f1-b0253797bd6a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3414a3c2-46e2-585d-8541-7141f813f10b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1e14a32-e490-5ca0-9ddd-99adcde39893", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c8ef6fd-993c-5b7e-9b65-a861e7445e33", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80352ca4-8246-5d26-9321-ba29d5ca1eef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0161916b-b104-59bf-9b94-bcca68cdfbd1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1762ae77-8ffd-5846-a326-b4ca82b53fd7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2af19758-78ec-58b2-98fd-656ce296f3f0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f643d08-8ea4-5638-bd02-98ea3045f1ca", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2602ae79-5d15-527b-9426-1625b9857ffa", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23df1bc5-a30b-586c-8d44-a645e28e6ae4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0864981d-ea73-5c23-8b78-f6b7d7467447", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16eb99f0-67d7-5c88-95cf-435b45259834", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d3db61a-f07c-52ce-9125-f928cb9b4f86", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66d40cd8-8b19-58c0-9916-c05112af6930", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c8bc6f1-7cf7-5fb9-8a70-52a068d422a7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64478e12-9e70-516d-a827-68dac5a4b145", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e432a95-fa8b-53d6-91ee-b289dfc50ec8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d9d58af-9504-5d54-ad5d-d97b56fc7e4c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f889634c-5e90-5d65-aaf2-b5a9772e8b39", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e98d774-93dc-546e-ac88-02bcfb4160ac", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:014025b2-d612-5c0d-96a7-2e27158795b3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5183756-b693-5c23-8392-60db2a326573", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a55e619-da5f-599d-ac24-bb50be2c835f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c24a96c-6923-5800-a934-57e8ac37126e", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd022ef1-1891-53db-8289-176e353f1d01", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.3" } ] }