{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ade34f2-633c-52a9-9bf4-87469c40f306", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6fdee241-745c-5d5d-b408-c3c6f3fb5850", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65736e67-623d-5de7-a1e8-dd6adaab9d8b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6a484e9-e6da-5f42-89cd-fc7be2ff6fd7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc87e38a-bc0f-5a2f-8abd-cd4d70f1f0f7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8d466a9-ae9e-5549-838c-ae7c2b1fe1d5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8622f21-0555-5dae-bc30-ae6235becbef", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28fef60c-475f-53be-b1ee-73c1b597b277", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e4bd7fd-ce9c-5522-b81a-c8aed46dd47e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63f2a5a7-b857-56da-ae0a-a11357a9ec34", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca1b3825-a260-54ee-bcc5-335856e6acd4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b4aaa30-0522-58e1-b302-d483f9485723", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1949be9-f055-5f0d-9368-0865f5cc72fa", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dcd3dddb-a40f-532e-8a48-adabdba4a98d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddd30e1c-fda3-54ad-8d72-fae881c904c2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6beaf9d5-e597-552a-baa4-805239ca20de", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7add6a38-eb7b-54dc-84d5-f37e78e87d01", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85f27000-854d-5993-8312-da0ca07493db", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17b43975-8bbe-5f75-b42a-d17eea499645", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b5c0f74-c781-5e87-9e75-4dee408fd515", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e347075e-2560-5c94-a271-dc75f73758eb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98cf587e-1b83-5aba-9d7b-fe5850809b36", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cfba610-379d-5470-93dd-95b25db1bf95", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0e160e8-a377-56b8-90cb-a653a5a9014e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d36c5c96-6124-51b0-9856-8247fbcab85c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff9df0c3-10d3-525d-b647-a09f882ab8d5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d32fa5c2-fc2e-5c6b-9cde-52346479210e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4e0d790-b1a1-546f-b988-9609f2058ed5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cba66307-7faf-5055-9b70-2cd577fddb9c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1018c0b-4dda-503e-8eff-88c4b2b5282c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64d088b6-5d23-5595-9c31-fb31da534502", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b3e0333-9518-54e5-a0db-40b2a05f8fb4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89b91518-4e12-589d-909b-d894d826e988", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ee3634f-0ba9-5aed-a307-af40a21e4aaf", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f84c89c7-167e-56b8-8a49-79f8cf0d3612", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.4" } ] }