{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3923a9fa-b17e-5541-8447-ad7ceacd34f6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-tracing", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c2b7217f-1d3d-543b-8ee9-de5cb36b4a86", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97ad200d-4089-5ced-9e18-9d3d670f09c5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d92ea3f-4174-5078-b5a3-de022c962ae1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:304fbbcc-b851-5d4b-9e07-866728eee484", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:884ea6ed-f88d-54a8-8e54-87c43bf2c4d3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e176d1a-6afc-5ba8-b40f-cc43c2af1cfc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9c10a7c-9057-5f6e-83c2-4c7d7770997a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ece478ae-b437-5311-9f04-c1b9d360161c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58b58f2b-5889-5f50-9148-194d389aecd1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc72fc7a-ae93-55d4-93b6-c4abdf5443da", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:531f6e71-b6fb-5082-834c-5b5c9e43b927", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17887532-a3fa-5f77-a273-130366905b0a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c756971-f616-5ad0-a609-1a71747ad0e3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b8a9424-a1ce-54ad-8280-c99ce758dde1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb20fab0-182e-5149-b207-d0ab27f4b5a3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8686c41-80ac-58a1-b003-9a5b07635f96", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c1c9b22-08c0-551c-bfae-c9ee0347e697", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91a5649a-b8a4-564e-8a42-82034cbfeb2e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8aadbdc-6e96-5be1-aeb5-01034e281518", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88e176c6-ba81-5bef-a7a2-b85121a5b60f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5deb1615-3e75-57c8-8fc8-3afb8f3d0e70", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16303d4f-83cb-5ddb-ad64-d7b823cb22bf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:670f43c9-f82b-5ddd-b7d0-a34ed8c0a9f8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ab1561c-630f-5fa5-a8bd-61e87c1722fa", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc719e6e-296c-5f0f-b737-618df04f4301", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36a86d48-2e9a-53ed-a513-eb9c3cc854e7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:449ad4fc-07bc-552b-8703-2a44c3ddda17", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a5de71b-c8ab-52b8-aa8b-f419344f5c37", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15c99fdb-7c1c-5218-a2ef-a7cbffd08573", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34aea3a0-4957-5388-9b74-9c794cee08b5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-tracing 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0189e847-bac7-52c9-85e6-c4f8d17d4ab4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:158296b5-2783-51e3-9669-6809b2e559ad", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bd24221-6670-5049-9e6c-3325fb40c309", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53409420-5a3a-5ef5-8eea-48d9462d9501", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-tracing@3.5.9.tuxcare.1" } ] }