{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c98e77c0-4f1e-521b-adff-4ae91df230ed", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-tracing", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:79e8f02a-515a-5ac3-8786-e85da013c9b0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b88a763-4af7-5d34-994e-c2ebc8c87fd3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:509d4645-d3c5-504a-b270-c575a30696cf", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:836995d2-2e9f-5a2e-8ccc-6e6086bc0088", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b778eaa7-dc7c-5650-a649-be904f1d28e8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffb2c8ed-3f8c-58f8-adc3-72062815c842", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42986df2-5215-545c-b791-e9d15e1c17bb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:005a68c9-0191-5a31-8741-1fb01923c5fa", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac1f3a85-da80-554f-92f5-dc3d7a1f3216", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52a594c1-5106-595e-9823-14ce8481e782", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b00f41db-8f16-5715-b098-b7b0b039b73f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e649a1b3-1b20-5626-8951-19543069bfba", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7e26d77-5353-5332-8752-95d28df2fff4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:122c9713-25c4-506c-9253-f01860734870", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec25a7f4-c81a-53b3-9382-13d123807012", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae42e47c-3c88-5daf-93b1-be78e97c5fc9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e949d648-ab8e-5bfb-86b2-cf93d946a120", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7df13939-d413-5b88-97c8-ed2c41d5ce60", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8938619a-755c-5308-a969-0cce0ff6e678", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f74d5f21-8a30-51b4-acba-8f8b8aee2ecf", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0c8a569-e725-5a62-9752-2abd46824339", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca14ff22-8394-58dd-8b27-67d5392507f2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdd930b5-7b92-5db2-bd1c-ef10a526e06b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b10b35f-82cc-5407-92f3-9c425638d933", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0829e889-06ad-595d-9c2a-b209344ec536", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d0f1999-b769-5ca4-a92e-9433d342827e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:772e60d7-58e8-5d24-b6ef-815581a8dd64", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43574c9d-0916-5154-b790-1abbf923d1b7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c2d11f0-f9fd-5c38-9527-53b46b0da143", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:548d254d-b153-5c43-bd38-e379a7184266", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e2fa286-a093-53a8-892d-5a9ea5f31069", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc915cb5-8edb-54c7-8717-23d3be24cc74", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3c5a7fe-bb98-5332-86b4-b27b4554779b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4018f498-bb85-5f9e-8046-15a180d13ed4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9-tuxcare.4" } ] }