{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7b8cbfa3-43ee-5218-a7cf-b068c2c97117", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-server", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6aa81df7-e12d-5442-842c-ae84764e1ea4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c57629f-183d-5c1c-9a62-b3300532c062", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e1b831a-9960-5e6b-b9d1-71ece07d8391", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c8e201c-126a-51fa-9069-f80a850f6860", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b779a485-ae7d-52db-bf05-e13840ec0c60", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98d46528-ad72-5d3f-8470-0be36eef2d4e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3d878dc-d80e-5dfa-89e2-bb03120656d8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:546756ba-2a55-5e2f-a36b-0d8f35a9e45b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0849b0bf-fa66-5df7-ba30-b12ef7295748", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd8a9e23-694a-54c2-a3cb-9f031ee822e8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:237313d4-cc88-5544-9d52-2c2e37cb522a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6f75b56-1128-5376-809a-feb687c7089b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92cbf8eb-dd6f-52a2-a37f-fe6a5f52d6dc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a12e4c7-04f8-5b9e-807c-6baaa9fe6cb5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f447bc86-e42f-5fc4-bfb7-9f8c1e1aaa0d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a96d3041-5710-5376-b63d-83414416f3ea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adf028ee-cbc1-5b7e-84a2-651046580c7b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e005ff1-e5fa-590e-97b2-9cbbbebc84fc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abfa7b74-6972-5bca-a526-3a5019666512", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25a87926-5786-5cb5-8f3f-a4ac4a9e4202", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4f3aa59-2a08-5925-bd60-12ef57be4bdd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9096f9a0-ae75-5d0c-b9d0-2efde5bab757", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5050fef6-68d6-56ca-b4ce-4fd5e9424f7d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62bb65d6-287e-5da1-af0e-31b1ead63a11", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d724afed-9ac2-5041-bf7f-078c6eb4d7d2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:232298ad-79c8-5bf8-9bec-299400249c4b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ab8253e-d440-5753-986e-c4c422fc9c70", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3708b8f-03d1-5534-9b8a-b5974cf8e935", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2abcf10d-9182-539d-982a-323f296223ff", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9cf9f03-56ae-54e0-89b1-587e85945a8e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d7b9857-3056-5ae1-b837-4ab068dbed3d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cadc0471-164a-5f71-91c2-59bd934008c8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce2c8b47-4aae-5fab-a80e-fcfad5ef3399", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1054e868-1334-5808-b12b-e73cd15c7cef", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.9-tuxcare.3" } ] }