{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0041769b-21a5-5ec4-9e2a-c8b10fdefb53", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-tracing", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4f5d0c5f-b8d2-514c-ade3-7947af98bd70", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d00207b4-01ba-506f-9630-2e3ac2d5d080", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d78f8b45-3c30-58f5-a732-c73edcae11b7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61012f2d-214e-5d8f-accd-1c8407988436", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f21b6c4d-3c4a-5b2f-9b5f-62a39a266cde", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18bac25e-e4cc-5610-b74e-44a9237a82c2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f61877ec-35bc-5e2c-8d3f-e4a4f95cf926", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83a5fed4-55eb-5fe7-96e1-99eb98fa89b6", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2369addd-bf17-5f97-b029-23af9569a4b4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a1756cc-15f5-5339-8ca0-efd7a24b2cb9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b4c1bcc-842d-5435-9adc-b09214920ab0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05b58d0c-69e7-56a7-a87d-0316b9ed7b5e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2d9c962-daae-5c08-a0e2-8b144fa5786a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67ff1119-5ddd-5d1a-862f-68a0b3de4a53", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:537f9f4b-952a-56ba-8555-9202c369a216", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:721380e3-8382-523a-84cc-61e0c3c18066", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9369afe1-c3ee-54b4-bc05-38b13e9a6244", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:016cbcb6-979b-50fb-9e05-59e447f8527a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b442de40-e25a-57b0-85e9-653b4645e3b3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e828fed-12cc-5df0-948f-579946e141f3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aedba0a7-07df-5349-8a56-56bb495e90ec", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4185fff6-b01f-5dc2-af77-18f218724e9d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1930cbea-90df-521b-a1c9-ab919d13b5f6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83d4bb71-6e98-5cc4-88c3-3edb8cefe6a5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:440e5b50-b474-5608-afad-09571d4781d2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00855569-312b-5543-8e26-c37d9a285e86", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc11f6f4-6a1f-59f8-bb0b-0bfefaf58641", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90424dca-0473-5003-b2e6-66cddbd63faf", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f35840-8050-59ad-b483-366e57c416ae", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db101f47-2157-5460-9b4d-1d4496147656", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d8d1e3e-9e74-51a7-a8fe-6a8693f4d93c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0952e6d6-b419-558f-abc0-080cb8c5e4b1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:333036e9-a684-5ff3-a6f5-429107242825", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c2a5d3e-a262-522b-bc6d-fe6eb35d634d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.2" } ] }