{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3255f000-1700-5c7a-8f5e-12a675e52c5c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf.services.sts.systests", "name": "cxf-services-sts-systests-osgi", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c0cf1f43-1a79-5537-8d93-ea9770c6ca63", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44815adf-ed8c-52d2-8305-06762b231227", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ccd937b-4c87-577c-bbe6-5df87de58bea", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:01c23657-1072-5669-8825-821da89f2dc3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:829e212a-a2c8-522c-a809-c05e6cb44203", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31fc5be3-b382-569a-8567-b7a1a1c4e9b9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3dd51d35-3cd9-55a0-929e-97374cab251f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:612d435a-43a4-52ee-a22d-0cd76c83b4b3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:084dd8dc-d18e-50c9-bf25-950884a6aaf3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da0efe55-53b1-5727-8ada-93c8b3d7ba7c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49a807b6-9e01-53cb-a1a6-f469b105034f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae20e8ca-2d87-5b7b-878e-aa04704271e7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2bfc0751-bc7a-533d-9f5e-ff0eeb097411", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a8ab582-0c0c-5cab-bc74-a118d08c131f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b43beda7-66dd-5b62-bd69-f80afba7a8c5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b108a331-9063-55d5-838a-69a5e92525ec", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3dc654ab-dfd7-5ac0-ab5b-1a1f9acddb36", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:57dcc05b-a71c-5d1f-b6f6-397bfa961e5a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a7a3deb-a369-54aa-9ba3-cfcc136d9772", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b8ec1ee-56b1-5604-85c0-59800dc7a7e4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69470679-9ffc-58ce-a9cc-d29683d3ff3a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c3059ba-2656-556d-a553-fb648f898e1f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49dee337-ba58-5aff-81c8-3c381a5d89ca", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b045215a-a8ac-5a7f-af07-9eaf2e3128dd", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47ff4ea8-d235-5d7b-91c8-0df4220467ca", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:276ae962-70a6-5b20-b99f-79d426b9ab0a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:57543d4c-4e6e-58c6-9dca-3ef7e51c47c7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9f24db70-8dad-5a4b-8524-9502d48d025e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d7ac903c-0ea9-5b96-86dd-c36d5921d86c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2b9c11d-e0f4-5046-80a9-5321566e0f78", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa28b53f-3036-592c-8d9b-86890f8a31a1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb5b8dc9-8e70-5e77-8430-e7ed554976f7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-osgi@3.5.11-tuxcare.5" } ] }