{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:93e43de2-5b12-5d3e-9e98-14597aa4dc97", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-logging", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:29308d43-c52a-5dad-90af-e6bb4357d631", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eab274ed-d067-5fd5-a81f-013171c9a975", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2e5d5bb-b683-5b95-b1c9-4a8e49abb76f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5add05ba-e60e-56d4-a5bf-730deb75213c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4182db3-f3cc-5837-b6b1-94ac05c763dc", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef419699-3f0a-5eea-a568-ea88b3232768", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33c8dcf8-4262-51ce-bcef-c17288de6329", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f9b642c-b278-552d-9122-c0696f2dc9d3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6209979-36dd-5db3-8b76-addc6c22030e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:607a1a4e-40ea-5e62-898c-c05cb94d9c9b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ca55acd-afb2-55f6-b381-3b2d1d532c43", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a561fbd-a2cb-5cc7-92a1-6c9f9e25a17d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:972b2a74-1998-51ae-bee0-ad08ad41eb39", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9159ad02-a9cc-5f0f-868d-5864b85eaa04", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1250061a-5307-56b1-b936-3740835a8f78", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3867e03a-9069-5588-b0ab-951f9184a2d8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a8ab820-cf2f-5b6d-a424-7f565eba8b35", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4bfd26d-8cba-538a-8705-738fe114b0b0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:830c6ae9-1c89-51a5-ab37-57e6d6f2da00", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6efe7096-a78b-5391-b332-29992f82db98", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf0ffb28-e389-569b-80fc-8a2eea66cdd7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4f7677e-7aed-5750-a4da-08705dc5a63d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a9498a1-eeda-5f68-b425-ec5fb2801d50", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50307b32-efe9-59f8-af86-01cdc101a03d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bfa8df1-a58e-5433-a28d-9dec6522beaa", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99a06afb-e835-553c-92e2-e35f58343b6d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:681d9635-6420-5914-a9d2-50dd170b07d0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3365cd6b-754c-5394-8b0c-d6f5564dc4c1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdf4faf1-077d-5c26-bd31-e95b6e05db08", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb54ffe1-2443-5770-99e0-5b80242b5b4f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f375eea-8aaf-512c-b3dd-11d580e01a3c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06a8c7bc-8ecc-5de6-b6b7-08c8aaf19cf8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b99dd4e-9c59-5fc2-a2cd-ae1ab4f34142", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c81d9e44-dc98-5364-bfbe-783244b1313e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9-tuxcare.3" } ] }