{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ce85938c-9b43-5506-866b-5362a38b4732", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf.services.sts", "name": "cxf-services-sts-systests", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:857edf6e-2b36-594f-b99d-9ee37b5522a6", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f6c554e-e3d7-5a26-a39e-eeda3a980cdc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:087a3d3a-bafc-524c-9e87-db7866e7b65e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8a6b01f-0b5c-53cd-b0b7-8dc370eee10d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d814ad6b-bb2b-59b4-82d6-ea894be0cb89", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:679daf23-643e-5495-8ee9-818e171835a2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1240b430-3cb3-50ad-8885-865fc76c8e25", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87c3ce91-70d6-5983-91b4-8fd29f6f9aa4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:704824fc-23d4-5953-bd8b-0d0f3d8e3468", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54c3d474-2fba-5632-8ed8-be723b65ee18", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4675a59d-bd86-543b-a565-020a4c2310c2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ba61c06-bf64-5042-a8c6-8880cccf0c90", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ef986fd-caad-5970-ba23-a86a2ce68c52", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e884862a-e130-5f97-93dd-e7f3e8bfedb0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b3226ad-d839-521f-bd2b-572ce5395645", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f6d535d-d792-5110-9a89-45e966120c24", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:130242a5-d128-5c33-9a38-f348bcfdc4cb", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50212bc1-ca88-5b7e-9bb3-9e453088182f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4b84600-186f-5180-ae1c-b474b828e03d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:947f9111-fabc-5f99-b24a-9986c31ad639", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d2eb6e5-5644-50f5-9bc9-6edd0e344c78", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b643bde-5489-5b35-a349-ef979d9a3137", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47778573-0e01-5bac-9501-920e9ff17347", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0ece624-893e-5a7e-85d3-91f8ab1df7b8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb4f6609-6ce3-5c04-b560-beb160c2ed94", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c567bb12-50a4-5e2f-b12c-29b04a8c5401", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae4689b5-af11-5074-b9fe-406718bcbbb1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e340ec78-9aa5-5a6c-ac0e-3d0014743069", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7e1d821f-f171-5783-840f-4fc734a4fc00", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f089e41-45fe-5588-9f07-c30416019bdc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6a6f910-6d9c-55e9-92f1-ddfa73640fcd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02882ebb-8c0e-5bf1-b7d4-fa5afed959ca", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.5" } ] }