{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a3947ef9-c8ba-5c9b-807b-89427f5298b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-saml", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8f978df0-4427-5b38-baa9-506a66415882", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2778ecb5-78b4-5247-a854-ca463c1565e2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d9cb550-55ae-52b4-bf3c-06e68d0d959f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72035f76-e82d-56e6-99d8-f69a6470ff0b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d447f692-0421-5ca3-b2d0-0e3f356a476b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9bccd07-3f33-5f1c-b400-875ad0966f70", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a18447c-171a-557d-99a4-20775328aa2e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2dd38fec-3c76-594e-b309-7b136ced8c39", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:462c3099-6151-5a35-bf72-60c747c5e3b8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48b2edf9-0f19-59ad-ae10-0bcfce8b783a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b141adc0-572b-54af-9a2e-f55d8d9db106", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4342746-5965-52bd-bab0-67159b5295e3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78892e0f-56a6-54f8-8d6d-79bb5e37d8d3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37702727-5075-541e-a069-16b8c57df472", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4439a8d4-5c0d-5ca4-85d1-29e0ab26788d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f94f0374-0db7-5533-83c7-3352b672110d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b50ee1d-f00d-5e84-8009-46b825436a18", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b23b7bc-c519-5394-b518-cd0cb8e93a31", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0e05be4-a29d-51c7-9f5e-fd422a36ece4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1c03da5-9578-5f71-9b69-1655697d4c74", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cbe6ac0-8206-57b2-b2a1-b13d19d32a8b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e194c043-efe0-545e-9464-7d2cac41dc71", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5dc40cb5-b5b9-551a-a64b-727c47e4c932", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a516cd2-c18f-5e9d-8dcc-833d05d20310", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecfddbd7-4f61-59d0-9af9-135e48f33ffb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4800e92b-affc-5260-bc56-21fc56d80f30", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7b0dbc4-3124-5d39-82a2-a20a527f5eae", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6682b7bd-b981-56be-adc1-1e21688364aa", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05e5c5f9-457c-515d-b80f-342dfd0dd2a1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6cb3f53-3593-5497-9bd4-a865c852ebb7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c4cba93-146c-5cd1-bed8-8d9df424651d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ceccf128-daa3-5bdf-8229-17cf3fc2dc80", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b47e7f81-46cf-57f8-a106-cd2e214ddb7f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9b09073-1356-5081-9406-54a68e93079e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.3" } ] }