{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:52c2f496-4e2f-5cb3-a1ef-aae4e047be53", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-saml", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4068713f-e0c3-58eb-8375-4230b7bbb00c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0d521f6-0951-56cb-b4fc-e41f08025bb1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c4460ac-8d6b-5658-b202-6ec34be7f3ef", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d47bb2c4-1a31-5041-a2d5-5f41f7f4595d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77264ef5-e9f1-5dfb-a54a-0e685e4f84d8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd95a6b3-9d8a-5f24-acd8-399ce903bdfb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f805f7cf-ffdd-58f1-8aae-4cd01b251a49", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9e554c5-79dd-5e1d-89cd-dbefa372f688", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a4a613a-855d-5d0d-b811-66c4958c8afa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b4b7583-6c29-5162-bd06-fcc8a682ea82", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5210389-f599-504b-8c49-d6e3a08a1826", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c02f595-c375-58a1-bf22-f707a3560be0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67e07e4e-e0b0-5428-a23a-8a8af9ea2f0f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4089056b-992e-5c1a-9837-a0250b1c8aae", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fde71336-48ed-51a1-8d83-dfbc0d5d8a1b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0457a7b4-0187-55e4-bb8c-526d365eafbf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf942bae-49e3-5894-9800-9133d61bb4d9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4440a07d-e10f-55f2-9d55-0a7acddf4e80", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2214465f-22bb-5efc-9fc0-15cb7905c82d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f096b22-2134-5037-9207-630ea0013e17", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4184475d-7dea-557c-a936-e791e8b87a72", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a1409c-f91d-5303-aeba-e4aef75d22b0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b50b8274-f540-5d29-b813-789a1b8210b3", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58d2bdc0-672f-5534-b25c-aa258cbe992f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15047310-9c49-5fa3-bb8a-ec9ef812adf3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90d11167-f742-53b7-9ae1-96be3625c48f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34ae7bf4-d6e3-52bc-b9fc-4682199acebb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d06cc700-7add-56e5-876b-fcf21fed7c83", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a2e24ae-2655-5891-b1a5-21dce2396bec", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4f79a9d-bfeb-56b3-aca1-60cfc202b67a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9af4dc60-48ba-56a6-aff5-769a65e79948", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1df2c9cf-acf5-594c-a481-c5f4545beeb4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7abae4b-cbd4-5b07-b8e6-c2b540458d7f", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90faf786-1e4f-5106-b053-3e69b971bb7a", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9.tuxcare.1" } ] }