{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ea1cd5b-7d72-549d-a9f1-3612e06c7f73", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-oidc", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcba9dc8-d179-5156-ae85-7d3f7a0923c0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:903cd602-d72c-54b3-89c2-f3bda2845a0f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9968e1f3-9788-5f6f-b684-0b6290a6240a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c892b996-1008-571f-b088-85ab0f11cc6d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdaf9952-6d8e-55aa-ab2d-2d835493a016", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6eef5c7a-3daf-57ae-9ce7-fb9cdfc84607", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97782dde-0de7-58be-b722-f44a6082f6db", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54e10849-dd7a-544e-b4bc-50604f862890", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0d2973e-5f78-519e-b617-71dc1d9ad68d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e5ef18b-c1d5-5840-aecf-bdc25bbaf636", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9719f6c-7d42-562d-8ab9-ffed82e93a5d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6a5bf53-a105-5917-89fb-72ee8f2bdc48", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4fe85d4e-e8d8-5c94-a645-a79b63e796fc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7dd8584-d340-5b47-8af7-3ab0c270f8b8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fa87156-47c2-5143-9f07-faee3c8252b9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47b7230a-e149-50aa-b959-3401be103574", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2484d0b0-ce03-5f3a-a9bc-53c698916a27", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f70724c-0589-593d-91ed-4c4edaa916c7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47c4e6ef-21d7-53dd-a561-226d7fbdc674", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd612f9a-2843-5b88-ac55-8781d30de256", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0722c388-ae56-5fd6-aa35-033b9d55e319", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a80596ab-dc83-5672-b8fe-5dfa97f7c51f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a87d045e-c57d-5629-b07e-8acc9867b18e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df4d0c9e-a6f2-525f-92fa-a889d4273b72", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32fb5a9f-9ab5-5d4e-b276-90bbd186c7ca", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bc8bfdd-2aba-5025-a93b-93623c0c1584", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:100bc1bb-5040-5a66-bca1-5796cbfc493d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:027cf91a-7b2a-568c-8b35-e510302ca337", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:571f61f7-9661-57bb-8b7d-c27c3c614417", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bca4199-ef6d-5b16-9e44-73f028355e01", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9935e8d-8d9e-538d-8f1f-4dbf2a0cae2f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2715bc8f-ec4e-57c7-86ff-f905c5c90f18", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.4" } ] }