{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eba8ff68-6b5e-5f73-a62c-69d8c410c185", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-transfer", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cf056374-6539-5792-af81-73fda5588723", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12ceddde-d09c-594c-b4c2-093cb69b5659", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9cceb1b5-cd1f-582d-8977-03d936c9ebc5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5709547e-16d4-52d4-bdbe-eac319b5e07a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f103713-5e61-50df-9dca-5442d0858aab", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00a7456e-2cf5-5c70-a89e-7fe444a5c4f4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37e1d79c-6ddc-5106-892d-44b4f19bc777", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8790133d-04ad-50ac-88c5-d6a247d7fa3c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:57845420-8661-569a-ade0-93d5d2c3c081", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36fd7239-5d2f-5be9-ad85-72aafa239228", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74840298-bb47-5a7c-9699-d9ca989beef1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:159fffc4-0323-5d01-911e-89b73723587e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22d78e9d-3ee0-57ac-b641-72325ebfd05d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:15233308-967d-5c6c-8341-dc1e5cebd0d3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8136a462-9d89-5a0d-9f61-6cc72606e5ed", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94c97d68-3040-5a7d-8eb9-a57c0535b14d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:09a227dd-98bc-5cd7-9ed2-fbd62e9cac86", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef08eaff-b413-5dac-bee3-27bfa4f0b48c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1212e0d7-c156-5140-a13d-0cf4e4a2d874", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d130729b-fc6c-5595-a436-a0b5703c309a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:003afba0-17da-5e4d-8f31-7ee672df3d52", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f65ec78-3987-5170-ab2d-2fb3c287381c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f57adf10-906f-5a14-8a96-fa39e1abaf05", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6586095-b7f2-5633-a1ae-06fd3367f884", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21357e5f-592f-5bb6-9ea1-2c5e8eddeb77", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23d0e78b-3598-5673-9a22-307cfb48606e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43272608-cd0f-5987-b791-9a423cfb6b5a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4440c564-3246-5a7a-87e0-353829414076", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80221971-885c-5be2-8eda-b74e2df2bd59", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4c31f25-339f-553f-8b81-9e6885ba657d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:620d483a-7594-5099-9034-64978406e253", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d03dd1e-9704-5bb6-a998-ace9e0716856", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.11-tuxcare.5" } ] }