{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8b2bae7e-a4c8-54ef-aaf5-54c7182d3819", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-oidc", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8244d876-2ddd-5ce3-a10b-d8ab398f2b7e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:169d7d01-b732-55c4-96ed-63fe69266b7b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b257c720-0046-5212-93b7-cae646b69b5f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96ca880b-beaf-5eee-a01a-7a8348b57cc6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82371703-7a79-55a7-a0bb-e78fa09db63b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bec7ce0-8d9c-54f9-ba22-7c9c0a09feb7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a05799ad-8da0-54f6-9b23-523f16349f76", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4278a26e-a3df-5c6f-a539-eda4022dba64", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a14e0286-dafe-5787-96bf-7e0fd4047d90", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3056249-e23e-58ce-83c9-9d3fd398bb58", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4af54d61-eb67-5f97-bf25-89366cc3a7f0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98c56f62-b91e-562d-a638-9dca664b2a75", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:444a23b6-4dab-5861-8340-7bedaac758ef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:908b0f0f-b58b-5581-9df0-f6d3ea757093", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f984e0f-189c-5a88-9e94-33e9cdfcfd45", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c02b13c0-6b87-51d0-9b27-24ee23b3a6cb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e28afdc8-61ab-5651-89c1-0a2a8144410f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6886d12c-a808-533c-bc95-ed0bc933a684", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc4047ae-a821-5094-9c24-4ecb39990aac", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1f45d27-6a0f-51fc-bf1c-429c0c1801ef", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40025cfe-7b63-5d43-98d1-f109f684ddfc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01ec9f89-3f78-58f4-aaf4-a269b1c227cf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:442d81c5-5452-5bb7-86ca-5222717dd09b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc2b7963-ab33-5541-99c9-6acb1b4eda8f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bfcf7f0-b894-5853-bd72-ec105ffe1ec2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4d03841-11c4-5317-82d1-befc44e2927f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf8db1bf-74c3-57dd-a6d9-e3a2922aeddd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c9aafb3-cbd6-5eb5-83d5-1bd9cedfbf13", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0114f815-5842-5692-90f1-4caca140e751", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ef9e764-ac9f-5cd7-8a06-6b2d43d6552a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:614bbbad-b56d-5057-ab96-a678fd143e55", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe3f9be3-f08a-5ceb-a5af-f772d59336ba", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.2" } ] }