{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a13d80d-3195-5ba4-9b19-aaa0064ed2d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d55dd53e-39a8-5fe0-889a-1108720e8492", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:846f94a9-16f9-55f0-9e1a-0d4f67207826", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e505094-fc4f-55a6-93a6-90b4202c951c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4c08d56-e5a4-5cd0-8171-e03dfff99330", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fd133f4-d513-5864-aec2-c7f9db22ec1a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd5df0ea-b0bb-5040-928a-0b29d36425b7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:707b4b6b-50fb-516a-aa6e-fa280294674f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2fe93fd-9bcd-5f31-8f7a-4781f447f095", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eacb1d09-80bf-5be8-9c32-3bb3662cbdaa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8bda707-4d53-5fff-b6c8-24a21e9bf0d7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7870f042-57b6-56cb-b7ee-ff125fe48931", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:692a5381-6e58-5bae-88a3-2d87d4c6b604", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94099851-5841-5c93-bc9d-5fa03762afa0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6883e7c2-cc5c-588a-94ea-4b963d9bc0bd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d8c946c-d94b-51ff-b5aa-6e737ad5ee83", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bd2daea-72c1-5449-b2f2-a87015e1c1f7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c39d89e6-bf0e-59af-b7c5-9237d6e445a4", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:118805c9-344f-5bca-8bf2-3b78ce8d91d5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1386cdb1-3b87-5a5b-a7dc-63e3c110522f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3ace7f1-f002-5d29-a591-b54a6702bde8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9148c6c-428d-562f-8d51-6633d42eb3db", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:900222b5-cd36-53b4-8539-9c13f2c67d72", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbb31ea5-8507-56e5-b4dc-efa7c1238891", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43ec0150-43d2-58d1-96be-5d85b31d652d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d392bd5f-ca09-5f93-89e2-484e9c4916ea", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa0ceec9-249c-5eab-bcaa-f1805680821a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c2a6cd0-477d-5be2-9b77-edb1f5a33fe2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:168a97e3-94f2-5b93-b00a-6dfb376d4263", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b1766d9-fda9-5615-aeb6-6e61a9b29c1d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51b2e0ff-1d87-5521-b514-34db30214e81", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79a4bbdc-76b8-5ba2-9fd4-03bd17ec66d0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:131b8e28-e5e0-5822-8599-e9b6b251a7ce", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.2" } ] }