{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c213925-3dbb-5a48-9c19-fdd4fef99018", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-tracing-opentelemetry", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8fed4f26-18b2-54d6-91f3-efec4b86630a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a83feb36-30ec-5799-9cbb-4dfc75103aa1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6603d9f-4a34-53ca-ae4b-52f4f046b089", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ae520d5-41ac-5b4f-9f49-7bd3033f6bf1", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c2d3d7d-7e41-5278-b5fd-a2d8fd1eab42", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34f82ab0-3d88-5dce-a6e9-430b675a6116", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d5d512b-6884-510a-998a-83e546dec3d1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:451ff2f3-3d17-575e-88fa-f75812902869", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ae5b793-a80e-5952-8ac9-b8f669b394f1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78d9e629-7037-5dc4-b6ae-4c3814008600", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24c7e7fd-3633-5ff2-be69-cce12dfa274e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:416e2908-7c09-5576-b645-ca51aaf83d1d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7070168f-f57a-584a-9a0a-7120344bae4a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:557883a0-478a-5570-9088-c0bcdbc0f3a7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dd12499-dd59-5a3d-ab8d-e73071c9efd8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7e7e722-7ef8-57d5-91b4-5b73ab73f1b9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:093451a3-8110-5a0d-8886-2e9297e2826c", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42dcb3e4-5cec-5003-b3b9-00dc017d7c8c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a38cd938-f7f4-57a1-b2ba-4f412a6c0917", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:893953b0-c906-5960-a086-26856ec73201", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c2d8cfd-7aeb-5e9b-9688-91366f81b2f7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7090b97f-ed8e-5c0a-aeb7-f79e83c2075b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6053a8d-6772-5440-b705-290b2588ee4d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e0f63f7-72d8-5dfc-bd41-8792799691f6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:873d51fd-5e04-5d97-abda-4d3a204d05ad", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92a5c88f-3e3b-50ff-b452-d29e0ce79d27", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cee78b4-c265-5d13-89e8-c4a945e8dfa2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54142c51-7a72-56bb-97ab-d19a934be9bd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8286d8ad-9ca3-59db-86b5-d3460915cd2a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e485a4ae-3f68-5238-89fc-24923a73365a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2013d290-5c8b-5cb6-8118-6d6dc133f704", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3928824c-c670-5344-ae8f-3978ebc75f7d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4dd93c35-adc8-5d55-a237-b30c1c9ec0c9", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:073c91da-6080-546f-9fb7-96182fac63a1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.3" } ] }