{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e8ca6d5e-da11-51aa-bd85-6dd731b6db2e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-client", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5ac8cad1-897c-5636-8931-28ca74728230", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be5f42b4-fc52-52de-8783-4d13e78dd4fa", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:617fb583-a7b4-5f6c-9125-8b748427a745", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d224065c-ef9a-5815-a095-391e33966b08", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d1a4889-d5ca-5b32-a23f-70b79dbf9dfa", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f296e061-6e51-5e5e-886d-ec6035604941", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d50606c-6a15-5045-b30c-2fe6ab61d515", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a6701e9-4c5c-50ac-8b02-225aea1c5c38", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5de9260f-df1d-5c75-b856-d700bb36fb70", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a51581ee-292a-5a1a-9d7a-d8fbb05f3188", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a985a0b5-4b5f-5b0c-8cf1-8cb5e762b8b4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7225b738-0c92-5b81-a6cf-41daf1cea8b9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df8e37c1-988b-5964-b630-352d5383a7db", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f019b794-ad07-5f00-8bce-018260212335", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2398c71-b6a6-57df-b028-07311fcd0e99", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63d1e246-d6e4-5fe6-9c9a-694958597111", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c80eed42-b2b4-53e1-8db9-859d22521d79", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b0c95a49-8555-5cf1-9c65-3218813cccf2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4050dd92-1f19-5508-8531-111738215ae5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e867f1a6-b23f-536b-8c68-e423324f807e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c561d52-fa56-5a6c-a6ac-74b14035cb26", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a14be803-0624-5d23-bc0b-4e92f0d942ba", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a08701f6-2fda-5000-9824-4ec389b38d56", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:591c8cde-2c7c-5bf2-9b8e-82e92322d4f4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6023663d-a92d-52a4-9317-068ba77e4a69", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88edae95-3e9f-5e01-a687-62ba54fe60a5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b818c51-e5cc-509d-a359-ffb6fc5ab96f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f7452e4-980a-566b-87d0-f4cceea80a3a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adc5bcf2-6c27-5b49-a4a3-2620158eca42", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de5e967a-5bde-5c20-af08-2f9a3225c05b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5636e4b8-d227-5279-b96c-28970d8ebf9f", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6517bba-6754-569f-b535-09c4f4fea0bf", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:602346dc-fa2b-5f4f-aa02-06e0508ab5a9", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64868955-3ca0-5d8a-b6cb-5aaee8798c30", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.5" } ] }