{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0ddfbf96-85b5-57e1-8cae-d7bf680c0c5e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-tracing-opentelemetry", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:12509001-dabc-5300-9f28-5b0575b9abd1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5065dcb9-ece8-5365-9120-cd15fa8c708f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4398623a-c10c-587a-8ce1-d5162791cffd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a92c22ed-3afc-520e-a0d0-2c9c1779f601", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e23bccdd-2e6f-5ccb-895d-5ea110cc5472", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b8b2d7a-39a3-5852-a791-7dfcff2707af", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7c0edda-7d00-5535-889e-879848e6568c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:408b6024-81e6-5125-aa4c-57f8a7c947fe", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66a7c97a-ae06-5fee-be31-a3e49b2a503b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5bd2682d-7e01-5c8a-99b9-c0275730a522", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:884bc66b-ba55-5e14-aa19-872bba9e14eb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84868dca-4205-51b0-8088-d065aab6ce0d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a1fbdd8-6190-540c-9e96-3f015e9f4843", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ebd66f8-204b-5600-909a-196b916fbd62", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14cdbd6d-69f4-5e52-b31f-d9bba6f55aea", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9d41d34-a424-5015-bb38-facc50fb7603", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9091bb96-5410-518d-ac67-0fcbbcbadfa6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eed2999b-4a14-598f-87ac-8db088417b8f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c19d10f-5e3d-511e-bec6-bd279a93aded", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4498a19c-aeb3-576a-bf9f-2214dfd191b5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eed691e5-aab3-510f-9f03-bcd857c1c58a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ea6f6fc-1bc1-5c46-a878-6f31331c8a7f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2418ae8e-7041-5f60-a66a-db404eab82c2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea1dad66-a9a3-5bab-92d7-e0464c4139bc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d7914b4-bd5a-5f20-bc49-cb05d137df67", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d32ea9a6-7162-5bd2-ae73-13c0785d60c4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f714102-f63c-52a7-8e05-b82b35bae8fc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73240dd5-b3d2-5da5-8fc0-db8dcd56d98c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02a96d91-1667-57e2-a28a-9bfce0f2a2fe", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6bf36c3-3f82-55e2-8845-cab835ad441b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fbe9e9b-3f3b-5239-9a55-1d6ba03f2631", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68d7b7b2-e1f0-53d6-bc2a-4182db34c534", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:55656e23-691c-5fe1-a146-d148467c0818", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1e51b25-e901-5605-b998-9af30bd528a3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.4" } ] }