{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2edc72c9-49e1-56b3-8d01-9f365d66ff8d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-logging", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6db4f5d0-73b2-5a4f-9126-01d952ad3d76", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d3b7c4d-9d40-55e7-8bac-4b45f6829bb8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50ee4840-1408-5236-94e2-f01e92aadadf", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea18ff09-fd50-5aa4-b38c-96b0fbf189ae", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:052e8849-5ab2-5dbc-b7c7-b8e527e2b0b6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:453d403c-eab8-539c-93eb-4b89479e4021", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:432d5672-4815-546f-834c-dfcd57742baf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87f0304b-3322-5ab8-a1de-b8f1339a1022", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21b57da7-e5d8-5dc8-9417-c8b81ea51c5e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f34abf0-df37-5ec5-9096-466e86187db3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97456a6d-9101-5ff7-9a85-78212c6fab1b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05028067-cd11-5243-827c-7b757f28efa4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b88b89f5-3dd9-5f0c-a05b-5b09ca47cda0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e146c3d4-70aa-5cf6-9dd1-584613a8ccc5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29641c54-b984-5179-88c2-f8ae4562e92d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7b1a6d4-bda3-5b4b-a4c8-8f5208cf6947", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4821a1ec-a2cc-545f-9fb1-eb21427d5620", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de09145d-85bd-5b3d-88ec-37768224cf0a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3765416c-6d67-5c87-819f-2f8f11aa2a44", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96697c6e-7e22-5553-8d50-194b7fd1313b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2cc6452-1774-576b-9e24-1e47892e9ac1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30b16598-1eef-5c1f-ad6f-2eaa41c9e90a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97a8a267-4270-5540-9200-48401146f996", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fb3d242-8e50-514b-9a9c-9472b591be13", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b5059fd-a09c-5f5e-b18a-ded14d07250f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd0e5cc1-fa59-54f3-846d-912b9683fc8f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:539cbfc4-1346-582c-974a-cfa96349d0ce", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1339ae5b-d1d2-5c44-932d-886bdbb22849", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63b3db23-3812-556b-b3be-d3de793f3ffa", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc2f58a1-19d9-59c1-842a-9a296756b5d7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a373f6c9-6110-5a1a-a9b9-75c2ca55dc80", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f95b6f3c-a6f2-5747-8cc5-d8ffe3353b71", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6142e48-db96-5b7f-9d19-229390964bfe", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59c47bd6-82ad-58b6-8f36-2937fedd07ee", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.2" } ] }