{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:abab3162-6fb8-5287-ab80-6b278ac3e387", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-server", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:31b7b0df-df87-5730-b122-30f11e960e41", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4bdd350-2d21-5cdc-885c-17af7dfa38f5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b31da6c8-a988-56e0-be4b-fd437222073f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9dc75ff0-a0ca-5cfe-b262-79149fb89054", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91b772ae-8346-5578-928f-379665721a52", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0941a9be-1e54-549a-a464-9ec9f24a94c5", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:09b13f88-cc6d-58ad-8821-a3b4a5097ffe", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21aedc9c-edba-5e7b-ad9b-a2b8b1daba28", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f17e502d-3c1a-575d-b037-ccb86b82372a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c02a5cc9-769f-50a9-9570-7547fef1204f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c11e9983-701b-5a3a-bd84-54ee328922c4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb363efa-55b2-5d24-b0a7-b510e1004994", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:553b7c42-d0a2-524c-bf20-f85b85fc3015", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d7e2822c-394e-5f32-aa17-4fb811b92019", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6830203d-6efb-5421-85f3-65a3abb4674e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d014fbed-27e8-564e-8b72-b8d7cff1502e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:247b455a-8722-56da-bc49-99b8b7060173", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08a4c515-c5da-5945-a010-34beb5655c2e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:825bbcf6-3403-5c33-b385-b6393213210b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3d565ee-fdd2-51e1-9f1a-b7190160c761", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc7b7895-51d7-5fac-9bbd-09e93e03be6f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ddf24bca-e54a-530a-a016-33a64316c270", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf7547e7-d315-589e-a69a-828ba4f1e94f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1b6a82b-2596-5f01-8ce3-c4a0d1c63e77", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7ccf4d00-4f43-55b6-966c-dbb6e1565d35", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a7f5f08-0d41-5171-9cc7-d69da05b1f1c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b4d0fa2-90c6-51f4-ae58-b9d6be72c094", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e68e4f1-d821-53e0-b3e7-594a633ca0ca", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffc0c2e0-7529-54f5-b87f-7c7fdbdca1dc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bbca0292-fb1f-5f01-83d9-dd4b06baebb4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05062bde-8a0c-5bcf-a214-1571cac32502", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50c4277b-7631-52f7-a7c4-19bc57679443", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:208402fe-f0eb-5d2f-833f-27f36def34c7", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07a591c6-bf4d-5ea3-abec-4a878f6c6c8f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.5" } ] }