{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0731625e-0c0f-5f0d-bc44-b840470495ae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth-parent", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:893bf32b-f96c-5c7d-97ab-1a24f44238c8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a01917bb-5cd6-529d-accf-8e6cbc8237b1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bf017c4-1563-533d-9833-a231f10e04a2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f66fa02-cee2-5eea-a1be-1ac38ab95a72", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:303013ee-4f65-55fb-8021-db36c7051ce3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e9f3017-de2e-5137-8a06-c6567d2847ab", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b41ce40-1da7-5a73-a6fd-d80a703fd075", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57782dc8-7a07-5408-9723-e2be8a872b68", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c478db00-032b-5108-b5e6-a472468228be", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f27f994-1a44-5c5f-b307-72d4fb870541", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7457e482-b197-59aa-8b42-ee1e1b02b1ed", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a81312e0-8d4f-5a08-a1b6-95ce3536529c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd8556c5-9636-56e9-973b-e591eeeb54a3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48e2b5b1-cc2c-5633-83c1-544e9cbbde61", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f044831b-dda2-5a04-852d-18e96da51870", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f2e3a79-7f29-5195-b4df-fd94bbae8fd2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e182b356-4b90-56cf-a457-8461401aae6b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5489d1d-a07b-5fc8-b7ca-5b94ef72be7c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c14fe138-4853-5d09-a659-95a97c0c5b80", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56363240-3621-56fa-962d-173bf5d19c20", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8a99ca1-74ac-5af5-ac00-56ffb36e55b0", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:556df2d4-7357-5316-b9fc-c865618595b8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a88991e1-e23b-539a-8245-9ac7a2329810", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f32cc4af-ae4c-5c4d-bd29-34fe3162ad32", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcabb827-d847-52a5-a68e-72dc78fde83e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35e0a846-069c-5b8c-afcb-65bd756a4084", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:409cf111-bb68-5709-a665-a9d9827eacb5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76c90a3d-5c3c-5bf0-8fb4-df2c94678daf", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a155dd06-4deb-58fe-af95-3d9fdff105b4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1443eb60-010d-5d00-868c-6aa831222aa9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e94dc75-6e1e-5ed0-9c35-1b780246cb6f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:879e80ed-05a2-5407-b79a-b9efd1b365be", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.11-tuxcare.4" } ] }