{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c3560ad-af58-58b3-84fd-cfb606d76735", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-tracing", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a00dbcce-7f51-5a98-a3e9-36970db2d022", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aebe2ac9-acd2-5d1d-b90f-38d26f5beeef", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbf3db0b-ea49-5be6-9a4c-6c9786cb943e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2510693a-0c0c-55e5-8f43-bd335357c008", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ebbfeb3-0e45-5497-af6a-de939727dadd", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e69ccdf4-7254-5ca1-894b-85aaa5ae35b9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2934b1c2-91fb-5d43-af86-43d93111229d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dc9c2f9-080a-5c1f-9d60-a5631541ec95", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5a3606f-2aaa-56c4-b6ae-5be756c5f3b6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02f351ce-2625-5825-9803-883d1374c9de", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80013bea-e187-5c5f-aa11-49e2b3ee3896", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34d090fd-209f-53e2-a6cf-511d87a7542c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cfac28e-80bc-5ec0-a90c-4d46b37b1d71", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cfb66e2-cde6-5b45-8841-9c554a27c9f0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3a2fe23-9c74-5cb6-aa95-41ce3405b131", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc86825c-0ca7-5361-9f38-b4ed84f428b4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe69bac5-65a5-5f85-a4c1-9e2743543167", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c480b52-1b5d-5fcb-a071-84756ceb933f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37959cf6-ef01-52eb-97cd-9e8f353ce2a5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61cf965-8ec5-5112-bc88-4bf1ecda12d2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a363bc71-75f1-58d5-b331-13fc6e87dc52", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb2f7a85-93a3-57e4-a35a-8236750f9c2f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f755e45c-47c9-59f5-8e38-df5cc4f3be77", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22299a2f-40af-5ef7-9c4f-03f3f5611d31", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d09c3cfa-c814-58b8-b7f3-4f8b148341f8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:614838dc-ff7b-5198-988b-dee41b1b5877", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cef9f492-3e29-5f0e-ac55-1f5c9e87670b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:999aac4a-7ebe-521a-8158-0f0bbd5f14f9", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0457b7c-d7f7-590c-8d8b-1285995e0e2a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e66b5b68-dbb1-53df-8fc8-d467806bc418", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1da685fd-81cb-52a4-999b-6353a6eb76f2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16d27e1f-f6c1-5bf1-94e6-1af8a7dd971b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13f5b916-e07e-59d0-b958-861d06a092dc", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e95535e0-c7b8-5d02-8132-88919928899f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.2" } ] }