{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:43aeead0-588d-5d46-9e51-565d8f5c5a12", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-saml", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cd2ec18b-0628-5858-849a-30aac595760d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:369b2d5c-08c2-58ae-9c62-a38bf12c7053", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:210d0116-c81e-5ef3-b2f9-60ec8a6249e3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:269acca3-aaa8-520d-ba53-7dcf9b51109d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c71bb2e4-e905-5346-92bc-563e7ef8ddb6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:267009be-62f6-5e95-a8fa-c8330287a600", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce396e38-0924-5fad-814e-6911f5da5eba", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b22ff50-bbd1-59d1-b6aa-73725076255c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17715629-ea0e-5128-9d63-0410bd2f4c82", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94997eb5-630d-553d-a194-4bf4fe96d15e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84d52256-a99e-531c-825e-2cb4369bdcc4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:753d4253-2d32-543f-a9c7-abf6121bb31d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d77298a-a258-5206-b5de-fb7e20ca24d9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96dfba31-40cd-5270-a480-5ff064f54e1e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:548b4ca0-3dde-53ee-b859-2494d331284e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82280a19-9891-5d3f-ad24-1f4f6dce442b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37e712f5-3c23-526c-b2dd-20baac333e4f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4ee6f90-5431-5024-a3d9-fe255403fc50", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:998529c4-0ea5-5d67-9adb-5ed66a8a88f1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6a6036d-cd6a-5fd0-9f92-19629ece21b8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:654ac8f2-1b4b-5b0a-90cd-48b3d8eb2fd7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bddec57-e862-535b-bbb4-3e96c090ce4b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46980c88-ca42-5dac-b66d-23857b0b0853", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c9041c9-80d6-5173-83da-d336fb83e304", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99cff2f8-d57a-572b-8358-052fe3951def", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0dec962-2e80-5737-98b4-ac8b70d5de4f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cf09743-25cd-59a3-b0dc-462f33ba10dc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c34cd735-f3ea-5889-a029-01dce1e0623d", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31560ed5-0973-5650-98c3-7e7b88479134", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61e45e2d-0613-5dba-9669-bb5ad599cb1e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d53d06cd-f39e-56dd-b545-d1a5cc80dff8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed7bb401-ffdb-5bc9-a2a9-686a9e815f35", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.1" } ] }