{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b4d7d5f4-6ed1-563a-8a83-1eb26ddca347", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-metrics", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:68082531-3661-5485-be9c-51b256c242dd", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e4aa3e3-e8ed-5d08-99eb-a9b6d548a1c0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e85547c-e256-559d-9e3e-4726b4780711", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c5e47b6-e50c-5479-92f5-780d5cf2e123", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1405e9ed-aec9-55db-8b3f-0cdb2651d31b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43d347fc-a21c-5444-ab58-ff00eae9dbf1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0828385d-6048-58bc-9956-9246380595d9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b3a5875-f806-5ed8-adcd-275177b225ca", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3149990b-5611-5b92-99a8-9ff00fe96322", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b33f1f93-61d3-587a-b519-7a1c3434b458", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0941e23f-6a0d-5c59-bf30-66ff54065e2f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c3b0952-ff89-5396-aa21-a5e24df97cf2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe85ff6f-06a6-5226-bfda-79d18f5fc1df", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:019ccf13-56a2-5a78-a53b-319a27c97e41", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0e25b96-155c-53d0-86cd-22078dad653e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b09ad30-f2fc-5b8f-a3f7-18e1791c6e84", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7565c496-3c26-546c-bcf4-c02688b0012b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02436d41-75d8-59c5-a221-12418ffeb676", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c18c8ee-859b-5e50-90aa-908185226626", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8168cd24-664c-5bc1-bab1-5fc9fb92b0c9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:298006ca-d3c8-577f-8b62-93fae12191d2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e733795-c1c0-5a46-8347-3ff3a1de762d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da11a925-ac94-5ff2-9972-2ff3387d9de2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c040e67-dca9-5b53-8f5a-e7059c830078", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24f0ceee-c236-5a16-9215-0431267932fd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d68a6696-2c9b-59e4-9f7b-97fb9b85dfb5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25ce964b-411c-58eb-ab41-e61d9f11d9b3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a55cf0c-419f-5cf2-b7a9-0984e0a79c89", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d62b2e22-9c96-52ab-b314-4c8505b5a61b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d281b2a-28b9-5820-afcf-aab9e583cb16", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60dfdf57-50aa-52a2-a8d2-1b5ae9acd37a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:642a5364-9226-57c5-bf92-8b0b1b46a29d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64121eb5-88ea-5c78-a989-545d0aa57343", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b886dacb-9c6c-522b-a0a7-86beff64dcb0", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.9.tuxcare.1" } ] }