{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:33e1dd51-b02b-5f3a-882c-367e096c7654", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2-saml", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d58f84ac-5364-5f2e-80c9-653351c9868e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca8765cf-2819-5a42-af4a-8eb3f907bfa7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:597d23b3-5331-5888-8993-361472a92995", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7ca6505-76cc-50fb-8a88-23376bf7d95d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4812d0ba-8323-5e21-9b44-ea0b26e6d842", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d047523b-58c4-56b6-8221-8dec26454e8b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa458908-c17f-5d5d-afc8-b1388039db16", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fe4690c-d70f-51f8-9605-330f699f5fc3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccf57188-ff28-52fe-97f3-f61766751109", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dea6ca4-2d1c-55a7-85b5-4a2457d10515", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bf0dc36-d504-5466-be53-7c50ddc41840", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ace775b-e8da-5bdc-95fc-984fdd6673d9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bf4f45c-d792-5294-824a-c7f28e2c38b7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:753fe307-c271-5f27-9a9b-1b5cbe67d42b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0e3d967-a48b-542b-a6bd-b3298b7207c1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80f59ca7-dcc5-55c1-8d9c-e5ca08e4835a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b06d3818-98d2-5ccd-9e11-3cbcd2209993", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1d01c0e-3010-59ac-a5d3-0ce47674526a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65dcc490-b588-5bda-ae09-821f662335fc", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c79ce89b-1d0f-55ab-8eb4-c315efe0b3a0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0aa019b-4d24-56fa-a408-d4d8d1dd0f2e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:897642ae-f2f6-599a-9f12-ecce233771da", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d64749ca-e006-530d-9367-37e2fe54842c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6948ef6-7a61-5e63-9eec-06d848b26d48", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:223e3803-d570-5c78-bb08-e42a89eca7ba", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:568e524b-15a3-5824-b4bf-cd4d571d80dd", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3992543e-1bfa-5a4a-96c5-48e7d3d6a809", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7aff87af-8f6c-5940-8ec5-a2fe3bb837a9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad86419d-a82f-5b30-80e4-e4dcefab7722", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1996edca-a101-5974-8dfe-08d25197df5f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:145ad830-e517-565b-9ebf-e06bd943e691", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88cf8cbe-baf6-51b4-b682-8680a79ca736", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.11-tuxcare.1" } ] }