{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b36400c6-0861-550f-a3c9-2fd835528a31", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-logging", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:765125fc-55eb-5661-8eeb-938985ead7f9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d22345ef-3613-5ab3-b3ce-6de985308cf6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3762dd11-2459-51fd-8e8c-8c118ece2815", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e1b6018-75a9-5a71-8fd5-e23258f77993", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:107ad341-d0f1-50d6-a06d-1e0cadf947b7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41371416-b410-5043-9f7b-6148d2f19544", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f83fe470-7055-59bb-82e1-8f73f3750a37", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcb06ce7-2dd3-5959-80c6-cb75431b62ad", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bac66575-3cd2-5e36-beaa-ddc4cd8d477e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6501d306-fe91-5314-b519-a9879fa8064c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c727de4-e470-5b55-b8b4-bf01af861e6a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d5e7115-226b-5d06-ba08-0671bb4ab09f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac9c299f-d2a2-52d7-92f1-f699a3a53c62", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcab3863-f405-581c-9fc0-781ac15d406c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b17b3e28-0081-522f-8e44-e0b754295aae", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0482263e-13fb-5ac6-b778-0578d6e3d6e5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d776d8c-6c04-565b-9dca-75fa13bb9404", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab1fd45c-fdd9-5a0f-9603-1441b8ef8226", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:885802d0-bebd-5e00-a0a6-2af9cf940a96", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:856456af-f0a8-5fc4-b18e-030d247c7fea", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9e251e2-357c-5276-910e-2ec322509b12", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e98697e5-4281-50b0-90b0-00a2edf47b22", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:966c1a5c-62cb-5f04-a3cc-bbb9fe4e6167", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0aeff35d-6de0-5d40-8581-684d39a03ccd", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63cdef44-594b-53f7-bafe-30ae93aff6c8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b7b2c4c-0a8f-5f91-9fa2-0c38ef5f0d87", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acb0c0d0-2976-547c-9452-6739c9257e0f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90df4eef-88e6-5d5d-ad0f-20bf495c7f84", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d2dfd5c-ac16-58d9-b8d8-9355bd5b3955", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:146a6151-56e6-5aee-8499-43c36c0c7751", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddf10f78-6c71-5bae-a658-bc54f4eb2571", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee5a7591-861e-5fe2-83a5-8df839a265f6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.11-tuxcare.2" } ] }