{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:87fbde0c-b4d7-5bc0-9a6b-f6fc5c429f68", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-metrics", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c4e7612b-c72b-5fe9-8942-121c1fd29d9b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b6d0cb8-623d-5760-82b8-bbed35ecadee", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad873647-1af2-56a1-85eb-593cbd585e67", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70a59c47-584f-5ca7-904d-70c82ae91748", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c5b6047-3974-5653-b03e-99529c94b40d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98758c5d-ba5f-51c2-8a43-45ffc5c86ec3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a04833c6-20d2-5ce6-99b0-ee193e0a43da", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17b854ca-f864-54a4-9c23-c60f67cc2be2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2b74964-ab65-51b3-8c80-6f53470798ba", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f02ca769-2168-59b7-a951-0cfefed3395a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c36705e-33c4-5095-a504-5bbdbb1c99ad", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e106dea9-bec0-5320-b1ee-ed0583506232", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99b1c0e4-da4d-5fff-9ae4-76a70fbe8e77", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ae4d9e9-f9b5-5f8e-97c0-fc70264b711e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a574e633-b84a-5cf8-a362-dcbfe613ef35", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b84bc4f1-5395-5461-a8f3-8207b4ed13ca", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b68365e-093c-580a-989a-fd3d062bf63b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a3085a2-ae99-5f8f-9a8c-b0b8fe676a9e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fee7e2d9-77de-588f-8fdf-5a8bc5a76288", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa69c1ae-d8ef-5688-8262-6728d7f062c6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef1267be-0e5c-5a51-a14d-f0793a9e6a7e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a19bd92-95d8-5cb3-90b1-821ee8b87746", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6abb943-4763-5e49-b437-bc1fe6edf45a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3caf4d30-3478-5ca8-af9d-bb59208fb504", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95359801-8bc7-5181-831a-db641813a813", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d4edd49-c8a3-5b5a-a317-7e6797afd4af", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a2c7511-987b-5248-9aec-5acca5c798cd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4da97ddb-923d-5bca-baf0-b22dc3b8d22e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:014a567d-e19d-58e0-97ff-46c23bd4527c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10869c3c-8a8b-5dc3-b7e9-4f8efd441442", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41f14d0e-0c0c-5a9a-91ad-4c2a299b8a86", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e64f73a-3673-5795-89a2-a804542f9a07", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.1" } ] }