{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e69e0be1-fc6c-5c26-a11f-26acbb101291", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:94776e14-e37b-5699-86a8-8ccb1a941dbf", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:67f653c6-2fbc-5d52-af72-a4fa3356cae6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58e4318a-8228-5158-9607-b24639f9da4b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f3b64bf-3031-5004-a6fd-9245d0dcb1cc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f4a104a-3106-5e08-8f85-88af0b935a05", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d50cb56-f1dc-5cfe-aa76-9570a679e6d2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ca69680-45ba-5225-a0fe-cd5b7749b5d7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2327a5f-fb8a-5e96-b375-368df5031563", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0e668af-240a-552d-8ee1-bc6a26de323f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27c554ce-87d0-5afe-8da5-1a557c041878", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d060f53-ea02-5154-a971-2264d52ff15d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4c0dc39-0473-52a2-8080-406cf8697623", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:042d4d86-c300-5dd4-bf34-b15537f03288", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac7be1ae-8da7-5eec-b536-6015719d2480", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fbd0496-66d7-5898-a58b-13fa148e2dfa", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43984457-fbf7-5f80-8441-37109f3f7c6e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:beb98fda-afab-52c1-8923-66b8f4742c64", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4983c68-268d-5bc5-ae38-2ecc324a39ea", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:450f8974-0874-574e-9dc0-fbd75fd86d09", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0b49f25-4d39-5ccc-9a74-193df22794f1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad7e7be5-f57d-5a71-a40c-99dce1bf5028", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bda5f8fc-9e93-505a-ad33-9dfeb9317f60", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:779b1b9c-6f36-5b6d-9911-bf57a83d7fef", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:494203e9-4e91-50a2-becc-3a22aa01e4fb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52c79e10-2366-5331-8089-dabdeca11b37", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3e9d515-5980-5545-a755-ddeb9e238e08", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf09059c-6cd5-5945-b4fc-677a4e1fcd27", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e82c9d6d-463b-586a-bcc7-6ec53d987173", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b489bb6c-f3a6-5493-ba82-bb057fbfa37e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a544525f-fdbd-5059-b28c-4699b48cc6ee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24c01ae6-eca3-52f9-963b-4f8b1ba30daf", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfe29007-58e5-5a97-99a6-4847c5cda076", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.3" } ] }