{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:540a2aa2-1898-504f-af45-a392b3c9d246", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-tracing-brave", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:551584b5-372b-5215-b776-9100dfdfcb10", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d7f829a-b442-5d16-89bf-4726c8ba8786", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0e479f5-370b-50ef-8149-11cc53d5bce4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b440b7d-3ccb-52cf-908b-f1b75a676fe6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:668018eb-2d28-503a-ae3b-5f98259dc313", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c5f2c40-fdb0-51a0-be1a-46736c57ba57", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c060634-e67a-59a6-8aa3-3873f7200f6e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae782ff8-4205-5db4-86fe-4804d3625321", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d71eb1b1-0f25-5e57-b838-5d6f4b64dd2b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8679c90-6af0-5030-95e7-c8b8acef3589", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cb1f72e-9cef-5c58-b4b9-19adc437409d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f40d8f7c-5456-528b-acaa-e369feb0a70d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9780f9b-785c-5698-bd12-1a3ced677d84", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80e0456f-15d9-59fc-9a82-a089d0b660af", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ea1c433-3d19-5ef2-89e5-bbb69219ace4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:311567e1-b9ab-52f5-b8d1-3e00f760ad2d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f1d3583-be5d-5863-a3dd-5b3a62f5358a", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:032fbfe8-dc08-54f2-a9a1-7b4cf3a35fdb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17127df6-7959-5030-8336-5850a380159e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cc3eb7f-1cc6-58ba-8bbd-28d3b8b99e47", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00e48a95-e922-5204-8d39-ce91802db33a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd21b21d-61d8-58c3-a505-02a252320f07", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cead461-9660-5c50-9f18-754aa17555cb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09061396-71a0-561f-80bc-511e67588eea", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3d9b987-6f07-5916-ad7a-924326158f3b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f82f6898-4ca8-5fd9-bf35-a7e507f13689", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-tracing-brave 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fdd7194-ce76-512e-8cc8-b0bf0e0a06db", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11f9763f-f059-500f-b776-a2dabc129231", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration-tracing-brave 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a2eb0c5-fbc8-518b-a951-328b2ea4546e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d01c7100-9ba1-5352-8532-816d68df5374", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-tracing-brave 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d0d10c3-7278-51b3-ae55-b31767ada25d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5477dfe6-ccdd-5bc6-928f-0a6874923018", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-brave." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-brave@3.5.11-tuxcare.4" } ] }