{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b0c165c6-9b3c-5ec9-b07d-931efcdb35b3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-client", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9f2cdbad-3e60-54a8-8e72-58f557354739", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:818b76af-2c6d-5b52-b923-ce98babfad63", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:968a7541-10fc-5a96-819f-06ba2a2e8307", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cac31e5a-47e2-5cef-a5ee-8bd85eaceeaf", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:203646b0-9aa6-529a-a841-2473df23ae28", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ddda5e9-6993-5aed-bc14-03af8d3e9924", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdbe6a56-2067-5476-a18a-38efb8fba3d9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69b17744-edcc-547e-b671-e9c31e36bc19", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc471925-adde-5b3b-ae60-5c9c7d7394d1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a90e6c73-6923-56cb-99e3-4317c34275e7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7595d3e5-0794-5a16-a453-92face3e37bf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73bd5b9b-f3f7-5597-a396-6d07c40134f7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a4b6b9b-59a2-5569-acf6-3f327ddaee83", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a3298e3-5126-53e9-8f1e-49fa16d7c72e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad43449e-940e-5bd9-8bdc-5a5245fa3570", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:086665e2-7280-583f-8468-4a1264541132", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0d39e5d-9652-5973-9203-517ed3dc9bcc", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee08fb86-570a-5f74-b3ed-c632e9edac93", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51223713-db62-52f4-946e-97743e0d9d31", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8451a69e-319d-5810-8be2-02aff83a7449", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c2975d9-1b6d-55fa-97cf-b03705a939fa", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecb6e6f4-141d-564a-95ed-9f103ae4edfa", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc88d187-c358-5eae-8b9d-56abdc01f7fe", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98dafedc-9238-5cc3-95db-4d4068afe84c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20357f3c-afbe-53a8-9ff5-665956c7a662", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43c49c30-fdc6-55c8-bd92-ac35e1cc91e9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:091e7f14-1b86-5545-9eaf-53cbb720bcb8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb336878-3652-5ff6-bb51-72a0d2a92a07", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8a8c362-7e76-5c1b-a102-8ea66b082a13", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b76fd195-ce8a-5b44-81bf-cb3be354dda7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f198491e-5a02-5922-920c-06e315c9b7f9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e02edd7d-a25d-5cf3-979b-10251528fbcf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.11-tuxcare.4" } ] }