{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78615ab2-09c0-55eb-b040-779811f989a9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-tracing-opentelemetry", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8f950e7-90ba-5682-8553-0705491c986b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c25d52e8-f039-5912-a7d0-41cfc6c5797b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ce4d398-3065-5024-8cb4-87d0212a974e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9825d2e0-f7d5-5521-ab8d-0288ced42698", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63f5bd8a-88be-5102-a7de-6dcc37150229", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b56ed60-37df-50e6-a9b5-01160c22634b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59ba448e-a9a8-58ae-adda-952622aec602", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10f505b4-9bb1-5043-9aeb-cced75bb0cbe", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb62d1de-8dc4-5036-8731-2f44c4de2465", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b82aaec-256d-51f8-801d-1ac5ac89d022", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80c4bb64-93a9-5f58-9e5d-a90166deb071", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1992c5bc-77d7-5d95-bb2f-d5e5506609c7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9c22af4-49a9-5efd-82e0-4cf0bbe09df4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b5e7044d-bfd4-5a1d-9716-8edbcafeaf9a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3899b29-df08-54db-b8a0-a96485bf1116", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d60edf1b-89f0-5bd3-aaa7-ed1d2f802bb8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2583a6df-fd3a-580d-8723-dc8239c5b6ca", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e4f0250-c907-5721-96ae-33393127bc26", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2671f4e9-8f44-50ac-bdf6-d4148a3bd0a6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dea34c88-8e70-58a2-9423-45dd02230b19", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19e30071-9024-520c-a2d4-fb2e50ec8bcb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2693e05b-8dec-5284-88f6-fd6d125ca4e5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:beeccc1b-8340-5d76-8a29-69d1e3b7e954", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c91d541-16bf-5ce6-985b-83399cbc5b19", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f875890-2c40-5cce-aa5a-60f70d6f2a5c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e88c44c3-aff2-5c8c-914b-67b3769511fb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c6b73bc-2fe3-5e21-85c6-cb7a4140c59a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5217fa1a-d854-5b16-8906-99236c6c4770", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56ca15e2-1515-52de-a7d0-06ae3850e7e8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d302f26-c22d-5608-878d-1cc4c3df6123", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-tracing-opentelemetry 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8e48557-5a9c-5618-9e83-66c112f6781e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2eec416b-48ff-5994-aab8-52f1b1ac06be", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:520fa499-d09b-50f5-84b8-5275dd039016", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67eba5d1-1c6a-55c8-b1bf-900402e3d9ab", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-tracing-opentelemetry." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-tracing-opentelemetry@3.5.9-tuxcare.5" } ] }