{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e4ae091e-e3cf-54f4-b2e7-d493d707b8fe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-metrics", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:37a19f35-de75-5770-9456-2157964c4a3f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01fbbf26-d5fd-5882-98bf-30e1c2277b5c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:185547fc-d708-5f89-b70d-39f0154973c0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82665688-d53b-5901-a350-853d14f42a76", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e407302-e9fa-5214-9d56-0059562b1acf", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bcd98d6-1f6b-5dd9-ac4e-0bb83d8a753c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f6167b8-8482-522d-968f-36bd2c6d9d11", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e5b013e-678e-5fb0-a877-fd2f72dd6298", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a67ffa6-bb65-5a8c-9c1c-8b4b5eb7cbb9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2053f14-34bb-5b48-a8e7-376a77288c72", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bedb2be4-1052-5d4a-b782-2c7068825198", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea4370d0-f4eb-5fed-8e82-b33c8c7555d3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:259c7f5f-13d8-5f5e-8331-b67f513b9028", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:435162f7-76a8-527b-ad80-5faa62edbe41", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aefefaf2-7b01-508a-8e11-e97b6a4d953c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:051ac39a-cdcf-5e0b-a564-3e3d571a5467", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:502437ee-13ed-5629-bfa3-d839c17a672a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:938593a2-b84e-5746-aa76-f2066e3723b6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e56dbdf6-3a49-5247-8113-309636ba81f1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:206d7558-c3b5-54ca-9885-1b96fa2a2efa", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:922e54ae-f1da-54f4-8078-2750ad833d5e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b99e446-15e6-5553-b7d9-e56f630643f4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:075d1bf5-080d-5287-9ac1-9e0d7e5e9392", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d08900d-c8d0-57bd-93b6-c2d9a3ecb9ce", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a39aba15-08f1-5527-981a-2fdca1b4effd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72fd41de-a29b-5409-a49f-acb3d84e533a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c439599c-e5e5-5cae-b018-8c7ba70e3107", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb694d76-bd16-5f54-af88-3747619c0bd1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:791f940d-2c05-52d5-9dde-f053f5291e58", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c467170-6084-5c5e-8ffc-dd34c0eba57f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bfda947-7c66-58bc-87ef-1efb9c25751e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8862e60-be88-56af-9577-48f87781ecd7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33605136-4a7b-5f66-8f57-5e0e513af98b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:408277c5-d570-5560-863e-fe853b81f0d3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9-tuxcare.4" } ] }