{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1cc3f94c-c02f-5c98-abd1-f9f4bdcddfff", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-client", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06fd6d2a-ef32-557a-9e70-0489093f0f93", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fcc73ac-bbe1-51bc-b58b-1001dd28f44c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb76e9a8-abbe-5051-b827-051bee40ef0b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb258124-dc5b-5aea-b536-fe66d125cc20", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbee9fab-155c-558f-9741-4b68455533aa", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52e2c7f5-2e8b-5ee2-8038-8e19947e7845", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6081929-2989-510d-a0f6-cf21c3855a08", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c24dcebb-25e0-5d34-b351-efeeae71e7ac", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24eb7784-fa4b-58f8-9c05-534130d8067b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81f08ef4-8613-5a46-8539-c8be00378835", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bda1808-468b-57f9-8b69-649ee84c7cb0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cca30b77-911d-5eb7-8144-c3df6b99c208", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af90960d-1d45-5e14-9725-6973e6779ecc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fb9f6c0-f132-5372-86e7-fba9559994a8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d014035-963d-5fa2-9522-3ad2366830be", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea5b5938-f56a-58ac-b3b8-40ab50718796", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba8a0990-fec9-567f-b5ba-64200df3e00a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a34874bf-879f-5583-a5b6-a0ff5ba288ff", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76cc4a78-8d06-54db-9162-4e783668dd81", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e96e3261-1286-54d4-9ec9-a9cc77dd922c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2c66fbb-0d9c-5f52-a246-f703a915901f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e8af573-c156-520a-b1e3-30a0684fe79a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0628ba9-c959-53bc-85ff-89f72a4f2dce", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ac6a6a8-9d08-561b-a88a-a8cc29aa4019", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f60d79-8b2a-507d-a20f-06d94161f711", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b468037-4dfd-5541-82a7-e56a59266672", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5771322b-8b11-5792-a5c0-f027419f8144", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df7e50cc-9680-5d0c-a9be-bb249b6b9dde", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86f592b7-3281-545d-bb3c-43ed75a3b02d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e152814a-eb32-5d84-a9c8-1d33af0a4cf3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-client 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2903f41-271a-5e51-97dd-49c21dabedc9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acc2b23b-3622-5345-9d63-842522a5e2d6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64e942be-d8c1-59e5-8119-0877ca1f1a52", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eecf37b6-5fff-5d9f-8e60-89aa96807aeb", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-http-netty-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-client@3.5.9.tuxcare.1" } ] }