{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ec04a4b7-c6fe-51a0-aca7-45fe5bd60c0d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-metrics", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a6373914-731b-5b8a-9c17-a1bd3cb521fa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:337ddc4c-b34c-597b-8eeb-0bdcfe4b51bb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ee203caf-6901-5e42-bb69-3980fa884815", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c113569-7c85-57c1-b064-2986d9e0743e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c02ad216-5d56-5cd9-8f94-795c10daebbb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e75ad0c-83b2-5583-b6ab-6995fae36623", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ecd868ea-7462-58d9-b0e0-6ee225fc07c2", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:51ce3f34-765d-5b82-9687-809ea1e91229", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1cc622cf-326e-5de3-8088-c11f2bbc16c6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b740cf48-4f4b-507f-9712-1c78184dc7fc", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4604cec3-0f48-5626-a214-c3f82b213816", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a89463ab-950e-5cf8-9b96-04a7ea27865d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e479f84d-b283-5c99-8ce3-8608f7d9d696", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c958b3c6-68dc-5e6a-97fd-ae625e8b9784", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ab34f28-8108-5372-a9b5-7e6ee0d598d1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5b1ddffa-02c1-5459-a550-010aed0c80f4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:458085b7-9048-5322-9bba-82f84eead68b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b0d392d-6003-57d8-a390-c5ffc585c9cd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:275dbda8-a639-598f-8cc9-79d0d3bf27e3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cd4e3159-d34d-5bcf-b678-80d977033ab2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:28104f12-50d3-5461-b929-0d82d19387eb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:27fc5d75-2579-59c4-9301-a8fe4c997b1f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eb4aed78-0dbc-5384-a632-28d13102d9aa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d6ad54a4-278d-5fbb-bc1c-5dd089a5cf36", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ca602f3d-0952-53ed-b3ae-b56dd36ca4a9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:52bc91c7-e7ec-5086-9c61-3df3b49a3f64", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9f88a702-6ba5-5b3a-849e-b2f939810e11", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3ab050c-a540-5c6f-968f-5260aaa3b401", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c1724184-d39f-57a4-bc4e-fb20fb07234b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:409f3324-11a7-5dad-a7dc-c1708df865e5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:790bf65f-a570-5aa1-9507-3d603ca13d85", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c96c592-8674-5620-a439-69dd133c07cf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.6" } ] }