{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2f813936-f9eb-53db-9d43-834c9445447b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security-saml", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3a01985f-a369-58b8-a23c-e0be2cad5daa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e91de19f-406a-55cb-8eae-88374c5ada6c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86066e63-c345-5eb9-adfb-c626e67c788b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:166710e6-93f5-5d74-9922-b45ebc05868c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b91a86ca-1e18-51b2-88e6-8eefe9d4e80d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:684fe68b-0708-570e-9e48-de9285135739", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bae80366-e0e7-5b54-a542-d30460739673", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d72020b-50b3-5da5-aff3-9624d5b0093b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45ec2c3e-1f25-56e6-8bc7-d2c30a610fc2", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9cdc490-9fbb-59d4-a359-5aab31283b19", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6886c633-ec40-5ad7-aea1-3eec4fc9d5c1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5421cd9a-04e1-5cca-b559-1390e802717a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b5fc0f7c-c990-54e9-8065-c1d03892e3cc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9bc6d68-a974-5495-bbbb-6f60ec2e2889", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb200e97-6ae2-59b9-94c6-09b0caa16d55", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2931504a-e506-54a8-95fb-802a063b2535", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df776fe6-9761-5bda-9ed5-931d55f30391", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f89451f-5930-5a25-be4e-c868d2774274", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec5ec75a-333c-5d88-a044-b17db08eed38", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bddce76e-4ac2-506a-93ea-3f436b51c605", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5cfb07bb-85d8-5808-81af-4b6e94dedce9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79e96141-015f-59ae-91b1-fb2d11576d8a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88c05d13-3872-5c59-b30e-cfb8892e580a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fcf0cce4-a996-51e6-a026-d94a1051eb0c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5ed1ac3-b49b-53d2-84de-d408267895dd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e97f808a-ae59-5324-a822-f6dc8a5ba89b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3203795d-7c45-5dbb-8977-a676f37f1b15", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f71d207-284d-5bca-bf9b-b3643814cbab", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1dece608-6af8-5a32-a08e-b75def918c19", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:305f00ef-16aa-5f19-81aa-67a27d731bd6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02b664ab-067f-592e-ab7d-1fae8f713664", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55091364-b844-592f-9f7e-27453009df19", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.5" } ] }