{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2e1243b9-78f4-5d22-9f92-ca0509b3311f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-oidc", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5a49ccf-ae02-5032-88dd-80d9ab71378f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9f31597-5f7e-54c2-84b0-99213173c4e9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:881343c3-7f07-50e9-8880-5c3ef22244e6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41d675ee-77c2-5039-8e9c-8369307dd437", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88bf4f20-32a0-5d79-9123-fa8c6432f21d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26fe337d-55c2-5ca3-af80-b9feace26aa9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18ca084c-1fa6-5db8-b588-4566859f6c99", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c2ec8f-191a-5a98-af17-4be748a6fe6a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a513efe-5fa5-53ae-8722-a99e61bc60ba", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af8ee74a-194f-5929-8d02-3b6172f8a6fb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01e17551-0b03-592c-975b-2b12e9fe1ad0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43a5a759-2dcd-5878-90ea-53e6b7cdddbb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cf7d049-5706-5ed6-b114-82cbdbb5680c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac324670-2c9a-5660-81c2-ce31d2613284", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cc757af-e0a2-59f4-8e9b-1f3856a7dc25", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7d53206-e8ca-5528-968d-4f6fe793beba", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19d8dcb0-d8ff-59fb-adcc-472fa470881a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc5688d8-d640-5fdc-846a-fdcbca82f72f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d13a29ec-c490-5b87-82c0-00124b8ceaae", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a92cf8de-8b23-5d1c-b1b1-53864983da81", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4c4f3dd-5df5-56f0-8198-fc7331c495e1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c65ad61-ebc5-5416-8f3c-127adc0a5619", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e6921b6-d642-5375-b5db-ca4976587804", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd438088-ab1f-5a4d-847e-7b9c1f2247de", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80b61d29-c6d2-57c5-9ca6-a8b4a85d7877", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b36b66c-2c2d-54ab-8036-432df559fcea", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8439508d-c3e0-5cdc-ae5b-f26817a74ac9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42af2650-9845-523d-ae01-a255fd01a5df", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2505905e-a259-5ebf-9442-b020ea712249", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d23c5f9c-f3b4-5b1d-b895-8a81fb515a7c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef611cc8-94f7-5916-ad97-7413612305b9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feada99d-dfa8-56b8-aa8f-03f6268a92e7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50892945-7f70-5709-acae-7bd42b9e41db", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5705670d-4631-5de2-b3e4-db9a102ee7f9", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.9.tuxcare.1" } ] }