{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc5fd6c3-8dd8-5af0-8084-c2e729c44b36", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-netty-server", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:58f590e6-9c62-55ae-b4d9-3c752bb3b17e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cd990262-6880-50e8-9bd7-2e9d4cbbd2c0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:734c43b0-65f0-5564-abd4-cad0d014f22e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fdb10ef7-e1c2-5e33-a158-690fd350bb3b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48c2fd51-e2da-521f-a81d-3fce3c89c81e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c5e9443d-8995-5654-962f-8952ffb5aaf8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0d711d0c-de03-5b95-bdf9-7abe7f2367b9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9716712b-05ea-5206-91a3-c66cbeda1922", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0f478a51-4cac-59a9-aa76-9645143ecde0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e0254ed9-fbba-5c4b-a50f-61dc9cfd18b4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:98dacbb8-137a-5369-92da-de1e3e4ac87f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b2fb9ed8-22eb-5807-930b-9f8bbf66d18c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:31006dc1-e55a-5c4e-8d96-df9c22ad4444", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ee446b7c-9ba1-5c26-acd3-91c5a7406ba2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:149d8eb5-6837-525e-a3e5-2024ac51bcfe", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b084b151-0a2a-58e7-8f5e-687c7b61bb4c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:abfc697e-20a7-59d6-bf6c-35b1b60c9f88", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:de733354-fc9f-5cf4-9c81-67f2d2a6faeb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aa9ca51d-f5da-524c-b74b-244f705a8db4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2348127c-2523-5acd-bc87-61e7b755f188", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c1d2e21d-f8cf-5bb2-8ad8-9b3ae0d4fff3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d563a7c2-3fa1-5eac-9e15-01c4bc02eebe", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bdcc101d-14d0-5116-a81c-298c1f586f5f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7504131a-185c-5dc2-a57b-97393a8e6d62", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2cb4d2a9-365c-531d-bb2e-a740b538e54e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dc5576d7-0e41-5df6-a4bb-eb15fbd6fd3b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc7a4639-3311-5d3c-adeb-001e0884ae94", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:701f39a3-bbe7-5ad5-bdeb-5e1a803aa43b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a47d1c8e-4f45-59ac-a623-f502f2384cad", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:46054d06-bfef-5474-84d9-9dcfb4670513", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-netty-server 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:42c84c3b-07e3-52f4-b9ec-07e991bf64ad", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bd8dacb4-3a03-57dc-a4ba-2c8d78cefd70", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http-netty-server." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-netty-server@3.5.11-tuxcare.7" } ] }