{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1eace764-8c97-5450-ba11-06be47ce270e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-client", "version": "3.4.5-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:491d4bfb-c574-5da2-82a2-a07460b45801", "id": "CVE-2022-46363", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46363 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c37a27a9-f4c6-5637-89e8-b72402df533b", "id": "CVE-2022-46364", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46364 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff3f3c45-eda0-5ed6-a0a1-7f817b81d18f", "id": "CVE-2024-28752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28752 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8537ce4c-6d31-5dee-917e-25944518252a", "id": "CVE-2024-29736", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29736 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cff8a0a-1165-5df3-a28c-7388aa16904b", "id": "CVE-2024-32007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-32007 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1a23fe4-2cca-55c0-ac17-c39b51a029c7", "id": "CVE-2025-23184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-23184 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d857c49-f6ea-54d7-949b-40ed0bcbf19f", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1de5cce5-a719-590d-a071-5ee145c64931", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.4.5-tuxcare.1" } ] }