{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b26a4ce8-e116-570b-971f-9a9f627b3390", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-management", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2af829f6-80f5-5f02-a996-b5b3ac8cee15", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:081386ec-1ead-5fd1-bed4-257cffc973a2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aeb95c73-2dcd-5a52-800d-8907607939e7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:877fff31-2cb7-54d5-aa84-cf92024ad000", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6a43f41-9f3e-511f-a3df-4e7ce339f3d0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f752fa59-2293-576a-a8c6-f0fd9f61065d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:448795ba-7a6e-594d-98d5-eee297eeeed3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9e023a7-5a62-5cc4-b617-548eb6ceb595", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ecfdfdf-022f-5b71-ad7c-493daa0751b7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ca2ed2e-e60f-5ff8-b28d-ca05ae3358ce", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3d10137-f051-5e86-b134-fe35e7244d4f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99cc27ca-35be-5a52-bc16-9db587ae60e9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d647b2f3-36db-52ef-904f-b13e3aede3e9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a42a4d1-b116-5437-85b7-72365da18016", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd1bb4e8-2c89-59c5-a415-26c780a9d31d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f427177-f18f-54bf-a7dd-50c746a71105", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01ee2814-e515-5678-b613-8abb41f9b7fc", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfddaf2a-0167-55f4-8ddb-c4ff2c9992e2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a913c03-5fa7-575e-a814-1edae0203bdb", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54860b9d-6639-5053-bcbb-866e30ee1646", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec6e5c7c-fd2c-5367-9b0a-4ee9bb1b7205", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2151e217-8d89-5934-93a7-1e2c713bac03", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e633354-f677-59af-be89-2af81be6583d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2457dc99-ee0c-5b17-9916-1c942178d2e9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7da37f7b-8156-5825-af09-aecb697534c5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51ef9a1d-9b27-5454-bb64-1f3f051f3ab8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a4ba65d-769a-50fe-af63-3e7a5845f3d0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8b89fbe-4e99-54fa-8e1d-4247edc511c9", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d99b928c-4b8c-5e71-8745-8c299910b1f0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2017c3a-6cbd-5ede-8c49-d5c25ed26d87", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b743bbc-a840-57dc-8255-661a8efba6f0", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3de19393-88b7-5526-aae2-c3ee5ae224f1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3dca70f6-be5d-5913-a1c8-225cf9b807b1", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76619855-735e-5379-99a6-79da80f74e41", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.4" } ] }