{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:86ef9c36-882f-5d59-b4f3-d1b6645c4a46", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-oidc", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f4b8d6e2-3c1e-5025-a770-c2d92dc0b1d7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:157ba196-fca0-52a5-9bdc-a00b733d212a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2220817e-671d-542c-bb49-76f1bcb26587", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35ac001f-bccf-5e27-a5a3-3e6730d8b72d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c935d4d-4a2a-5763-a8d1-d96a96764eeb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b03119da-19de-5a87-94c8-8fb13cc95735", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3df4fff2-769d-5134-8225-1f45af40cd20", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19ea7331-ca39-5e57-be29-ac8eb4c01d41", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c50d6120-9929-5dbe-abb8-2fa0cf8e5884", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d025874-d6bc-5cec-8db5-7b8f7f2e3e26", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5978e94f-2694-535f-b3ac-1d74953fe8e2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04198e5a-2cd3-53b1-8299-da5d715e7fda", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa9fdff9-05ca-5a43-a1e5-4a84da408a06", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:618c40bd-e4d2-546d-a50d-a61337d27691", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a8964c9-a197-5cc6-9f4b-6488c05d6a81", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3175c83c-5468-5afe-8705-653998b7de53", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b0994e6-7a29-56cd-b838-ff91bb34d91f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:990213d1-723e-557c-85c7-fc44d9509a69", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff037fa3-b810-5cb7-97d0-73feacd9202a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ccd4578-4ac3-5df2-b9c0-d6ff770712c3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ef148af-06a3-5874-adbb-b07752f649f3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee84c92d-7bed-5a70-a668-3fd8e58c7c73", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:149636ea-4eaf-515c-b197-ea90c4972330", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7844f416-50e6-5a64-b643-d4a599dd02b1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e274ef84-1961-564c-a94f-68023070d571", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b84e349-7b03-5e98-9dd8-c79e28afd1a4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4b4690e-1f51-5990-bec6-a9c8c06e0d25", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b00016a2-e28c-57da-8956-9829f4bf8ae2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5701eb08-7e3d-5c53-bf9b-4e43e4a0b2aa", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b1df673-f0e6-55a5-b5e5-6e72f26bc7e6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b89e5cf-cc4c-5c0a-a616-8134b503e724", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12aea1b6-9a8c-55a4-be95-e8b17721c7bd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e51f3944-5005-5536-997b-6b575c0df031", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fe1f1ce-409d-5827-8cee-ccd95e62b82b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9-tuxcare.3" } ] }