{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fd097312-52ce-510f-8455-56950039eb48", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-transfer", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1c8e7b4-2d0c-59ce-9a1d-7d78600018fc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66bec0ee-9a96-589c-89b7-fda247f640fd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75280c60-b337-54ca-bb57-4d2b81df1bef", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7a173c7-6518-5f8e-b22e-1def1bbe082a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27167cc0-0abc-560d-a5d1-be0b606d03c9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf5a502a-cb92-558a-baeb-c30f5e657069", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b760944a-230f-5f6b-a101-14e779e4c465", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db456efd-8606-59ac-ab0d-ed517dcfe58e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cbee778-37f5-5e47-8cad-bf3543211d1d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53f15fbc-2bf8-5032-8132-d07dc1ffab32", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:745ff182-b1e8-5011-8106-1155f4ccc0e5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5872af1-bddf-538f-8d92-57e60f5c22fd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:636485a6-a2b5-5d92-a803-3cf80c0a7690", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6c75f47-d7f6-5a2d-9380-4bf8eaffd4e4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e87a1cb-906a-5c06-9588-425f9865f2ec", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e18d570f-1998-569e-b70d-34b695cb70c0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e5077e5-5c2a-56ab-bbc6-e1e08b3fb1b2", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e4318e5-0e86-5d02-b1e5-ddb731e7dd5a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab4b5893-18d8-5f66-94e2-ac75b47508a6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4bbddc3-f6eb-553a-9b87-6cf94201c7b7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fe972b8-2b5b-5ef3-a981-c387555f1407", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc9b3faf-83c6-513f-975f-4e4f4f820355", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53a75d21-46ff-5449-81a8-ed15784d2776", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af1adffa-4aec-5df1-a718-1414f0f84ace", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9685079e-9f76-5f0e-a4e9-cd32220f5d63", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af2d0a41-df85-5fb0-99ac-c3e1196d56d6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7259b7b7-9374-54a1-9a6f-70e44787ea2b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11784a2a-5ee0-59c6-86bf-c4914f3f7c40", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b38eb89-d39a-5c17-92d8-fc614c9921d3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d84b40cf-5fc5-51ea-af96-d54d2a3b9af8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-transfer 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbc12f3d-fd32-5c16-89df-a9024f76d901", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e20e0e7f-b9b3-5885-aaa3-35920ea33b81", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cebb73cd-8232-5238-b6d4-6d47238139f4", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1847cc3a-9da4-56c2-a743-732c0501063d", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-ws-transfer." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-transfer@3.5.9.tuxcare.1" } ] }