{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d57eaf4b-ca53-50d5-a6b0-79dc4265b430", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-tracing", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9f7b8f37-9b44-599d-95ae-17a46bcd2df8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:024eeec6-4c77-59ad-8e72-eb5600b16adb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:600aee95-9e87-5f50-bb75-24649b30e7da", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb8173fd-3b85-50c2-a48a-ac8d17d5b761", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f713389-e183-5220-8794-a5657e893c6c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8479e782-a1ec-55a3-8721-04edf8ea8704", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9602a307-0ddb-5457-ae67-289ab8ba2fa7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6dd80556-0351-5d37-9e50-a797d239f44f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fc003cd-8650-55e6-891b-5b7839ff0485", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a24f2885-bb49-5668-8129-117cda2d8547", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8db5caa7-0add-5151-82ff-1dfa41b6e238", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbd1658e-d9ac-5180-af6d-eb6dbfe37976", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97318990-a9ec-570a-8630-a8934edd5dd5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2d172d7-7012-5268-8674-6f5e6fc6e2a7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11b41c15-d670-588c-8038-8f4c0c204e46", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c39fc71f-1fbd-5cab-b8a0-c5a2d507fcc8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5faeef2a-4238-54d6-94ca-0a118e0d4002", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d920a989-6d17-567f-ad8d-47e31a06f046", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d79122c0-1276-5416-a45c-c77c93df5136", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:deda46c2-be38-52bc-beec-1c9aa86a878d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ef1fe84-1114-5351-b7d7-83189abf7468", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcbc4781-144c-5681-9354-299b268b8a8b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fa7f97f-90ef-5caa-a95a-a3ac5b93bbef", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b857aac9-ffcb-5f57-bdf2-cfb4a97af45d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3dd5d31d-cd45-5612-acde-8008ce9f5784", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6307a9f8-0a3a-56c7-9d30-25ed6ca77bf0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83e41155-7d51-5b6c-b3d5-517051aa7149", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08b23d4d-a3ba-5e4f-835b-20baf02b98b0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:574724d7-a41a-52f7-9767-9add5b816737", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acb69258-b01a-5c4b-8fe4-c8c0226b6ab7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c717f52b-67ad-5e17-a3f5-e329acba2cf6", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:927f81a7-8ebe-5641-8013-78989b216237", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1413990e-f190-5366-919b-6d9ad6a2fcc7", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fc20f6f-8ba2-529c-8c63-c279c06cece7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.3" } ] }