{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7cf25997-f435-5d31-a639-dbb3e903f0e6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-client", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da958c10-3664-5e05-b48a-38caf326915a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a66c60d-3381-5fe4-9fe6-52f7f40b241f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbb4ce57-0064-5bb6-b66f-033512b8df78", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e06c16d4-0dc7-5158-bed4-9c7db94da0fc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69e7d92a-ed84-55ae-997c-51409b998c63", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34538f78-83b3-5de1-a03c-70c0d2e6d22f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18be842f-488c-59f4-89c8-9d419299bbd4", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54899ad4-21c9-59a8-a2a0-f9dfabb114ca", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f411635-041b-5e0d-b6ac-ca89dc200d9c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:164593fe-f24f-5958-856f-a996c408f33b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:019300ac-1a31-5f10-a291-b98570ebb67e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c31d87e8-0406-5f74-af9d-f2671465c2f2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a585866-eb07-5064-98d6-1c01c7e68095", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58e499e2-5410-555b-a3ce-ede2f0f9e754", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:497711a2-f4fc-5bc5-ab00-8f076d6465f5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93305776-921a-5ae7-b6a3-38bbc5730753", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b260c6d2-fe37-5f31-808a-acd745be3445", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7458829-1d24-5a84-aaca-f0fa90980439", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4972c8b3-3d5f-5583-8f8e-eeb36327caec", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7bf795c-5225-51a6-9f14-71763a6cadad", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97eff21e-6315-511f-ac0e-2b935a751d19", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab218237-1707-535a-b3d2-fce64774889d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94f7f704-95d7-5c24-9903-0c1d6cb2dbfa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e12c4a8-29b0-5549-878a-40f1e4b9f39e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd63222b-8b88-52ca-9612-4fc84643bb1c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:717dec27-d363-57a0-b0d7-477f86f293d7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9e08c1e-7163-5b51-ad98-808198e4c289", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24e62060-c344-5dbd-b6d7-67792c4fc3db", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:581eda20-9b7a-52da-bb6f-52ee3a8bebb2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:886be910-75e3-580e-8abf-c797e8702309", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:785d25db-802a-5e00-9c1e-618642a7aee5", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a39f23fd-0aaf-5e68-9847-6865dee1c5f7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24011b3a-01aa-5dbb-b82f-417b9f767480", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c7b618f-5982-5c9a-aa4b-343c3f5056fe", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9-tuxcare.3" } ] }