{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5c3ddd9-3902-5f85-b73e-bfd2091adf91", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth-parent", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cefb2c24-bc3b-55bb-b67f-62a4b7797248", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fa08f11-1e06-5293-8524-520fabd3337e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8e4bd5b-a017-5c31-9250-c655276dea91", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8de9a5e-0377-5758-aab3-f07c05dc2976", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27680a79-e44a-53d1-a62b-3d1b9208ce80", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42644951-0d3a-50f9-aa9c-1558a52dea45", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87b3d3fc-f661-56f3-bdd3-0207cdf4f929", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf6341e5-4ae7-5f24-843d-b4d461a7a5c0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65e7f933-1f67-58ef-be40-95b1ceb46592", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:595ce46a-b82f-581d-802c-bdbcd77ea6e8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45dec018-c195-50a0-b49e-885a5c9b3235", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ae04866-172e-5e4f-ad8a-d11802f1ed5d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4026cce-02e3-5406-a0f8-061a8175a497", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c963715-ed90-5050-b02e-2552be9fe668", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06cc50a2-d032-590d-a636-fa57f3f5f2c9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad5d6c3d-38fb-576e-866d-4f9c91762adb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d626d680-cafc-52e6-bd93-2934fb724a48", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d136bc1d-cef3-5f0f-9b61-432e2567930f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b62f28d7-80c5-5b76-ab5b-4d1753ff314c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcd891d5-bf28-5a76-b14b-72b2b9235c7a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd19d733-bce1-56e1-9cb3-228c6aceaad0", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad93f023-63d1-5bbf-aede-d040d42a18c7", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:056aae62-dd68-5cc3-8479-ffdfe1a6f516", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13cc3a86-8abe-54fe-8eeb-bd22628883ed", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b09ebf5-45ff-580e-ac7f-ea94f2c53876", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e19725cd-7944-595e-a729-75a66c93a0c3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ecb6090-3fdc-531d-ad8a-67ae7d84e009", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b089f4d0-1141-5714-a9d3-a47e6c1f039f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f49ff4b-5b79-588a-ab5d-cea1f0194f52", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:027e5602-36e3-511d-b38b-5c02dfc3b2a8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ec64336-2a74-5ffd-b629-60876403138d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3abf1e5c-0e1b-57f7-a6de-7e1f0126ba3e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.2" } ] }