{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e965020c-aa16-534e-9147-d9d2e439da73", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-transfer", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50e65164-97ba-5e06-a761-bce698ef0865", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9acbbb8-9c0d-5674-8a06-40b328844a32", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc75ffb3-7406-5e41-a631-258b343d218f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ba08497-7d1b-5414-8992-0ed2e27831fb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aeee91c5-ae92-5f9b-bc25-c7f9f7013471", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b73f7b9-10ef-57fd-8340-c89d6927e55a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc7615fe-4d3a-579f-bc59-56324a1e57b8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a19c877-b86c-5050-880c-b169310f7450", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe70f49d-aa3f-52b0-a110-1447723a9b5e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d24521f-7735-5368-af59-5b0870757bf4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcb1467c-42d3-5570-896b-9f9b4da2b7ff", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96d6970f-b57a-5fa5-b04b-b88836b26368", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24905c2b-5cf5-5d5a-99ef-2695243bbcda", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20c0b802-61a9-5e57-b87e-dd895ba0f058", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78162afe-d550-5eb7-bc49-b9101329be93", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6362a24e-10a4-50ac-ad0f-6f17bf13a0c9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:131c3ffd-d252-5f04-9d00-a71ca9d5f6b3", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68125fa7-181c-501d-9e89-c5a188c32436", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68b773ad-7488-5dce-a336-0c6cd127096c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdfb3495-9d3a-52d0-ba3d-cc0bc1ec6945", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3eddd483-8d98-57f0-a9aa-d45413e88f68", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f4bfa6b-d718-5cbc-8bbd-8bce5a308526", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe683a43-b624-5773-bc2d-00aef0d46a71", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:322bbd2e-12e1-5c4c-8f71-8cf224df0870", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4aabfe2d-d2df-5066-835b-a6836f38ff99", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36c744a7-a486-5e04-b2a5-c8d17723dede", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b61437d9-b1ca-5804-a4b1-4650c89de22d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd19be14-aa92-5ef0-aba4-d9f07c231b57", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47a86aea-2024-539f-bee0-586ff1682e6b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6910309-68d5-553f-8b54-b76efeccc654", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2aec43b5-29bc-553a-82f5-b0768304e293", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd44f1ad-a740-5c2b-8f4c-967304d061de", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5ae3ea5-838c-5649-b7b8-c174dbfd4af3", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b52bffa-19f8-514c-b719-1e438edcec1e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9-tuxcare.3" } ] }