{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba7eabf6-ed9c-5bc6-a6bf-624ba59be333", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-jms", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:36783af1-59ac-57d8-ae6a-98891f872e1f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ba4e7d3-2ebe-56c9-8b17-352a3d4631c0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7934a17-dd1d-5244-833e-34e15f9bdeb8", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:544dc352-4da2-542f-8afc-3d60bb831dfc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4da96b32-7924-505b-a5db-80fd27c27615", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef756139-89d8-5bd8-a05b-2620985079d3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9375dddf-5164-5e0a-8212-cc004a0a35ee", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85153522-c578-5fec-8f8a-363d20a05677", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21377e5c-56d7-5cfc-a0ea-0bd41311502e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcfb0e15-d542-5de1-9c4c-f32c8a6e6df9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fefd7a6-b852-5775-b169-19875e436f70", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:603a779a-af33-508b-baa2-9b9c72af8039", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:711bed72-3dbf-5182-bbc7-6b0eba05796f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:691be43e-5237-5386-8cdc-a1e9582c3cca", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd75e803-3d11-590c-9384-502bf244fb86", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f515bcfe-60dd-53ae-84d2-f4c6c7def54e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba306d1c-cfa6-54e6-a39e-9ded2020b064", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-jms 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc907b01-e337-57ed-a527-a342f831b8b5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:812e4a66-b660-5515-897f-7106533dd76f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58ad86e4-4a7e-5026-9af1-a81cc37a7a1d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8447827-25c0-590f-a7ca-fe595708de0f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:398995d3-4ad8-532e-a7e4-5c12ca1987eb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7098cf4f-b5dc-54e4-aab2-db500692081c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a55b14bf-fe14-5d40-85cb-2c27f5303544", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f1bb10a-71a9-5d7b-bb76-d0915bc82d90", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e73a74ca-2664-5e2d-a59e-5aef2f5f7009", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-jms 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:360ca373-6dac-5e39-99dc-19a3cf1fa38d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d492c96-3411-586e-9385-d22f07732a96", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cbb4c6b-6772-5651-baf8-3d963b078870", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c61540e-d6ff-5738-9f69-2b79e86dd6c1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-jms 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6312f8aa-da3b-5036-8439-e72f90fe95ea", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29bdc779-d030-5e4f-b3f9-10ac4cf7d334", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17776370-a4d5-59d1-824a-1bf1a19714e2", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b610c48-534b-54a7-956c-3011d938d4ac", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-jms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.5.9.tuxcare.1" } ] }