{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78494828-e298-5841-8471-d0efc09bdfbb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-transfer", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3764f793-2ccb-587d-9d65-54e1a90ae83f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:890b8312-9109-5aa4-8515-33900e0957b1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a59db9d0-6e7b-5c7a-bcb5-f2b98e7238e2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f97f692-dc04-5f22-8a5e-ca50c3cbc9c8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:469e22c3-684d-5559-bfc0-98e023820305", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd33cb51-d817-5bcb-97cc-65bd62de38f2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47fba948-2bd9-5eda-9cc2-0ef3479382b1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:958e1482-d689-570e-bc02-8a39cda7885c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9394f6c4-d211-57de-bc94-878827f8f1e0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33e0e1b8-6c82-58bb-a31f-9a7c10b48cd1", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccc51aee-db5a-570e-bc23-47f93fbb5eb9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28e2a6a8-7807-5d05-b2cf-4d7a96899c0d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19ccd999-928c-5571-9b51-0bd6e227f12e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d52c75f7-a96d-5fb1-95b7-63a14d6ac215", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7678f97-bbe7-5130-a16e-4d43d253e15c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d7d3b69-4c07-5994-9255-67151e6f2f71", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ab4f636-7dfd-5305-bff8-5224cba64c5d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a132b232-c9ba-5c0d-9da6-e4fe2a5d5902", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e7f6073-2857-56f3-b46f-097120120d50", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe2b2735-c972-5c13-8df9-747eb0ecefcc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7ed21f5-5b4f-5f7f-baa4-ad9d0b625ee7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91b66b6d-1bdf-5d80-ac3c-c771fadbd9cf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbba4ba3-0d75-55f8-80aa-c941e6791389", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6403e391-6a81-5c62-9476-18ea87a1ac35", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaa51780-1419-52cb-999c-4c66505c43b3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbeede44-a6d4-5b8b-8313-0bbbe250c47f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4981c58-3aef-5428-a003-53f3816d6f40", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20cd5a73-2186-5423-bdc8-28583874ce39", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4357127b-a47b-5a64-b171-7b522e271351", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0f89cb1-f175-53bf-b0b1-edd754345edf", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4c38b11-65b2-53ff-828b-34707014a91d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43644196-924a-5a48-a89e-56e771538bdc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.2" } ] }