{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f9bb4a14-17ea-57bc-8bd8-2c22fc7cf8c6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-tracing-opentelemetry", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b057222c-7b64-5056-8cdb-50d5459a49d9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6c905d5-3172-572f-b434-bb054aff1872", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fd412e6-4817-5f4a-81e5-e0c9202c9abf", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2996d8e9-2acf-56aa-99e6-b508e7221580", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faf04439-ea0a-5e77-94a9-cb8bf7a27c82", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14264c1b-87c4-57ed-8a7a-f9000637fb68", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ec5e709-9f27-52c4-9f73-da032aadabab", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8fbcbd3-a5b1-5934-b230-a19728961174", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a13e5f8-4516-5f18-a351-d0063d16e925", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f30be81-88a4-5537-9947-17dceb0e8d39", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7db40409-59b0-5114-b8d1-a18486c5423d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0d9c928-0563-58ec-827e-5ed607136e57", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eac1ce07-5668-5c3a-93d3-e2ae6e31cd3a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b29c5a70-bab8-5e8a-bd5f-3b66af4fad50", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1618d447-e4ce-5a5a-b931-5c1979e1ad67", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f998bc22-753a-5187-a4d3-1a26b35ce96c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b195b526-1d6e-500b-8f61-cd44c2df0aa0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b41a711-8373-550e-8096-84cccab27f00", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:133b303d-fa4d-533d-8ff7-8094696d08e8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e59a45e7-6a59-5c1c-bd82-94d98c337934", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3409fc6f-763c-5eca-a52a-9fe9a86e33d5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fe0b817-0635-5799-ab4d-cef7c8c106ff", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0947214-9ee5-5400-b93a-de8de24489b4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:189cacbc-f0da-55ba-8efe-6ab28247d159", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85c9809e-72bd-57e9-bae7-bc2abf3f6581", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:021934c4-351c-5e51-b559-95a6ed2fac6e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c2bd052-9087-5c2c-9ca4-5695e6abe3f2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aab62a01-648a-5aae-9045-ff128a09092a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ada9b58-644e-5f2f-b985-a96455534845", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbc9b5f3-aaa0-5547-8fc8-9e4bb8012453", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:151f22e5-556c-5937-8a10-f97347831e07", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38f3900b-17ea-56a5-92d1-1abaca6fa998", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbf4c873-e571-5917-b975-8ccca05bb5dc", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d52c762-a8bd-5b45-bab3-4fd73cd74b71", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.2" } ] }