{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:610e142a-e301-5ba8-9bc6-2259d5b3bb07", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-saml", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:baa1675c-7e93-5c4a-bf79-4db89f67659a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cb2eb4f-cb93-5d61-aef2-6efc6e7c8ffb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a20e3085-40d3-52de-9907-176162a663e5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76f88210-b5cc-5a42-ad37-797c0f9a16f2", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b67cf10a-a2d0-5448-9487-a2da073c451f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06171724-0023-5750-8200-9901187b65e0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75347a00-2185-577c-ad32-aaf63c7e892e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:994a2320-862e-55a4-a450-c53abb274e94", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35ecff92-816d-5ec9-8803-820d1924ac54", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da2f19e1-833d-5744-ac04-36dbc21d2a2f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46c7267a-04fd-5509-8790-7b072fd71ab4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fadc7158-29c1-565d-bc11-e8844f7a7354", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b956f1b-aa81-563d-be02-4b21848a2ef9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5647dd8e-a8f8-57be-9897-8bd06bdcc544", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfc51d0e-6f06-54bc-ab01-e09a4974da29", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7572df2d-3848-5eb2-9b40-d95711080978", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6c14312-7278-56d0-ba45-e493136ea950", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:801c225d-951e-5967-8803-62aac8cf1bad", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:062e901c-81a4-5d35-be9c-ab1428c1ca9e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:847c3584-80be-52bd-90d3-b45e92449e75", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96a2b8af-47ad-54ec-8c11-e825c17fd13c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e370a79-3148-5c1e-bad9-3e9ccb778693", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f233a62-4f7b-580a-a049-2cbc6fc98b16", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e107cb0e-9256-5174-9e68-5ee1a97ca917", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9234129f-f8eb-5111-8c10-2bb8c45bc729", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53c8d726-843c-5bc6-9801-1a4ef8955fef", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9980d61a-b67a-5fbc-970b-f1cd2b843a65", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebea479f-1f0b-56fb-8f3b-a5e8d68ca4c8", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42809d5c-b606-5dcf-b5ac-ee777d28b6e8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b8cd4c0-2ff2-5079-ba6c-468dd12f4177", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ebd1218-a763-5068-992d-a27c437c4520", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f06b7d1-9a10-5993-aacf-9b96a9494485", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.11-tuxcare.2" } ] }