{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a868b9ac-493e-5feb-8c14-8145ba930888", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-logging", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c686fb72-88c2-50b4-98b5-01e36ba050e4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9298a7bc-779f-5d40-b4cb-7cad89b3f368", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a04b1d91-d2d2-5316-bc84-f5a12a4bbe4e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f773dc1b-7f0b-5487-b422-f48ee40ea524", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c854ff7-26d5-5da1-afcb-876ca372f479", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:684e1550-2ae5-5601-94ef-488befb530ae", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a69bcf33-c63e-53de-b483-444b8f408311", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5741f38c-ad93-58df-bb2d-e2ecb8f179df", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:269af10f-1c39-570d-92a8-f038dd1a26c1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a14cc4b-a5ba-5e5e-bb75-b2258a67a924", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a0fbbab-a7c9-54d1-a959-6d159c557981", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fe0b0ea-babb-5ffb-92b8-8b503547a358", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fdea941-f81b-5731-83c3-df46d03bf661", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c2257fa-1810-5a34-b7f1-3e33834a0307", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eacc2a0c-71af-5047-80c1-2cbace8f45b3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d9eff17-672c-5e25-ab02-9f385a102eda", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d85fb31-03d7-5f29-9436-41bd94ebf654", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37f37556-59d4-511c-9c82-a299b5a4d5ce", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81e20ef9-5669-5c39-9cbf-51fbfeff7646", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b24d522b-8692-5644-baa2-4869c732e7bc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55f9e7ef-3a45-55f1-9618-51e521e55b8e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a09cd86e-2727-5615-ac07-692388bc0668", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:601f7c98-39bd-506f-a813-7d575e5c49df", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3525d6f-cf3a-5d0a-87a1-3e7612774b3b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02ae855e-636b-5537-836f-b9d1108708f5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:054a5899-6428-5bf3-a005-f6d62226d3a2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbe5a871-6bcc-5a02-a963-f97c5929dd4d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3778f6f2-0fac-503b-aa92-8d7be93fe987", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6b560ea-9aba-5b05-ab4d-14753b6363e8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c37d5bf0-debf-5abb-a86c-3a3dc002a15e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-logging 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69183ebb-75c1-513c-a4a8-fd3282f9358b", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bee8c142-f673-5dca-9492-8281fc9ee7da", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7413872-9fb5-5e25-8b59-42071340ed89", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b021ef1-37f6-51d2-840a-98dc01ad5b0a", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-logging." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.5.9.tuxcare.1" } ] }