{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1a5f54b-a5b7-59c9-adc9-5014c446daf1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth-parent", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:302d4982-18f9-51a8-84b4-71d42926bfe2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f06248de-933e-5465-985d-cb4a79a7f15f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d763d668-f975-59ed-a1af-9d9aa69d16fb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f4a758e-9291-54ae-909e-c17ceccbd3ed", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f40835db-4dca-5116-bf4c-e3602668ebf5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7084c97d-fd41-54ce-9fe1-0d20fbc4ab66", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e0c00c2-f392-5222-b988-4533e9a5065e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0ff00fd-cadb-54c9-b311-3e9c0c9f0e3a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9500647d-bc7c-55e3-af34-1035d20978d1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d51bd387-6bf1-53f0-b75d-68340576fb98", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:370c156a-e0a2-55c9-ab5e-4096f72ceeca", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f05f7eb-a85a-5c2d-b795-4666c169fd26", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dae8fc2d-48b4-5c99-825d-25cb5243e911", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35c886eb-bab5-5d41-9282-a09435adec32", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e2fb1a3-080f-5288-9b77-04417d3967ac", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20d72ba2-5b88-5206-be49-ed6d5039b33c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a305ea8-47fb-5d6e-a511-9474ca055961", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4cd2d07-0d66-502a-ad4a-71b58fc63fbf", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42169720-327f-5ae6-9db3-bb1eff57d933", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:117e478c-b164-5423-99ad-bd8c95bb2759", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a485588-4c6d-5b77-922a-513e8a88f311", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:931adf3a-16b8-5b94-9137-e1e0383b38f0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:127e2c53-e4eb-5feb-afb7-b11fc15e1272", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02289dd1-c32e-5110-a906-d29f9ca07bc5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1badccd8-d3d6-5a16-8115-14415c2e65b1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85ca7ecc-5209-5ab7-a817-6d415037e1e7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f42a472-9b9a-5b23-8442-9962a224a6e3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4a18559-5fdc-5eef-add5-0464237396d3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8474877-6634-5588-bb6c-a8db8a86e56d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b341e52d-a446-53fb-bad1-c50fbe43096d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0632800-b063-538f-bd64-1ef03c0fc0e7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfb8bcc3-0c10-56e2-8d82-a0e395fc7349", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d8b24d7-2bfa-5d88-b82f-feddedd065ef", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d0a511c-c34c-5f64-896e-862086efabe6", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9.tuxcare.1" } ] }