{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f24ca318-870e-5241-88c9-78e3316d578b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-metrics", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76a39959-2077-5322-93cb-ec9570eeb5d8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:61b6ac9f-4c36-5e8e-80bd-2ff3b40f4697", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a4338f6e-03d6-5f81-a5c5-5139f57a7d4a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6fd19933-4c7f-5348-bc1e-ac1496d4a6db", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:85b19c88-58d4-5286-b0ea-49465c53b4ab", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1e156c05-f542-5185-942d-d6b808c7e65c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1cd62095-dff5-5b3c-809a-744c4fc6cbe4", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d40baf97-f5bc-565e-9b5c-9742b872a254", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:795ed2db-f38f-5390-bb64-ae41b2dd8af4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6deda81f-1d6f-5936-930d-982ad51bb207", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ff31363b-01f2-5cdd-b35e-d7aeb04baa30", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:17503230-ab06-5b21-b992-a904467aac98", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9fc2d2e2-66ef-50eb-9e75-6b700cdfdcb2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f81c300a-2692-5a66-bebd-82e637ad270f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b862c780-d989-5f94-8d49-ceaaa31d66ee", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:af89be77-9a4f-56b4-83bf-f0de1088f5b9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:604ddb70-f5de-5556-a2e2-0aba459bfe82", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c908f83-86a4-58f9-9203-85ff02cf0a28", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e81dbf9d-560f-516a-9821-da8350e1262d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:feb28b58-8329-53d3-837e-15b729c33164", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5a80c58c-2640-5b4d-9648-5078a7c71c42", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:edba35b7-31d2-5360-803a-a64873dc7e55", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3297368-f38b-53c3-a93e-8c27aea7c7d8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6fa92909-85e0-5680-8dff-d72f95f8830c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:16a498a7-bab5-5143-8223-8439077d2ba1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:82195152-16df-5d79-bb8e-af6bd2aeeb2b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5ac5355b-6060-5bec-aa74-0e70e57e3322", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5ed78497-a840-56f6-8577-6344f1bd9b99", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8573ca3d-dd4f-5b6b-88ed-9ff5b9d5d40b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:352a35ad-c9fd-5d4e-a5d7-4e3bfdcf9702", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-metrics 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:504a133d-3c29-5995-9775-a2581c8a0209", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:125f403d-e621-54ed-b54e-14a238b755b9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-features-metrics." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-metrics@3.5.11-tuxcare.7" } ] }