{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c212f097-ec33-5905-bdcf-02e3f91aff02", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-management", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3a7aacd9-c607-5a99-848c-4e60057b52b0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:360fd415-f62e-5680-ad6a-a5a64ddbf153", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b36d126f-b9d1-5bbd-b3cd-b2e4b42cb602", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d0f0e37-e310-5297-aa81-d4c24d5c6e05", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6fcf5e7d-fcfe-5520-8e47-499ec070eb80", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93223feb-367b-528e-adfb-97c99b3f850b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af6ac9ba-4b7e-5862-a910-8fe306401ae6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb8cfc58-21da-595d-a1f0-2e69147fe2ce", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1d362ea-ae78-50e5-b12d-5de839699217", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95a3a748-6ce9-537e-b8ec-f7ca3ca63ff4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21e447b5-6981-5b22-97b7-fdf58ad70715", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a44775a1-f175-5678-ac59-088d238d27eb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0d8b586-ce00-54ab-9397-f300bddea900", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:182a40f9-2754-5ebc-99c2-af6fcf499ea1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5deca66-9282-5a20-b087-5189590b915a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d368e6e-bcc0-5b77-a13e-6cd0d806816b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f11b3e2-f43d-59c2-8cbc-4eca4ae5bb6a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59769572-91e4-58ce-afa6-1b866b607cdb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d3e8137-aec9-5202-8e73-e7e20b3c45f0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0356fead-e566-5e87-a92a-06045a2e1a89", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84f48d4d-9271-50c9-b1ad-3b1e89bf2e31", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dbda50ce-6ed1-5edf-98d5-c1a0613c2e9b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43ee7549-6629-57c8-8639-9d3c43e84203", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd09a160-5f3f-5d97-8e50-bb5ab0312b23", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02ca2ad4-61cc-5080-b0ac-2f1cab0d1dba", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3603c1df-1f06-5b41-9c19-b74e090f6031", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dafa8d14-72e2-5216-b742-40a78710e389", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:663fe819-60ac-58d6-b3e2-d7714ca0d150", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e091b35-e94d-525f-910c-70db15cb3a74", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b101df5-27b4-5a8d-b0f0-d37c4cbdc6c0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-management 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcc66613-0b4d-54c7-a16f-434de8064e99", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e47d6fcd-0ddd-54cd-a4dd-5b830f8f41ef", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:195fa974-72ac-5da7-ad65-8baba61e408d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:990fab5b-9e5e-5ddc-a77b-115cb86ecba0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-management." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-management@3.5.9-tuxcare.5" } ] }