{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d18d82eb-940b-5a60-9552-ee6012ff8d71", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-server", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2f070c22-1701-5c8d-8cbf-9df3d7c8ae90", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8d1dcd5-6109-55ff-90e8-d51b3aacee1e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfb74ec6-5c82-5fe5-8de8-5f7700bc668f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e093bdfd-fa02-5eac-a86b-3fea58fc8bdd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e04f32cd-130f-5044-8d20-fe09c9729dad", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:345badbb-244d-5e5f-af45-d2610440a53b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c54358cf-2d06-567e-ac26-69fb0f84d2cd", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94399824-7db5-5e61-904a-a35a3bc620e7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d8441cb-bdec-55ae-80e6-1cfe9e9b3bef", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a4b4020-64e9-54f7-a632-fe94b2fdc2d8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e29f097b-578c-5d83-85cc-bf10e31c1cdf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5107d5f2-08e7-5818-9f9a-49b0f8d2bf38", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75b3a824-e2ea-50fe-bf80-b257d5651d73", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8601be47-0baf-568d-bfd1-2837bc68ad89", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bab97b4d-cfa9-5d6b-aaca-6bc92ab0b7ba", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1ff3489-545b-5e02-9374-40f4c3eef787", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ed47deb-58e8-57f7-af2f-39b4cd54f365", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:473d189a-8526-5ab2-aed7-404fdfe4245c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b30a3286-7218-523c-8ad9-ee069b7c9ad2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a2b3d8a-fda5-5458-8ad4-dad7e2e3102c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e4d5500-09a4-59cd-9445-bdb62a37c511", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b939edd9-e796-5f07-8157-edd1d54db46b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4676b538-c3be-5bb0-be66-bfaf16a7770d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13590f3f-1c99-5a7a-8d8b-74c91b1a068e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0bd71a9-0207-53c0-b736-22ce5920e3a5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e7cc913-235a-5526-92e2-9078c45355ee", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11667f8f-dc15-57e9-87b0-78713e1aecb6", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b39cb654-a3e1-56cc-937f-fae4f33b48eb", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3b6fd02-96bb-527f-8076-8e8de6349e50", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e477f85-a0a4-5132-bd6b-7a90841eddb7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:976b5640-c808-59c2-be5a-de4c954fab87", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab6dbb08-aa98-5f38-899e-4abb23429ea9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.4" } ] }