{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:54e62158-f344-5b78-9d2c-2d5d10811764", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security-saml", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:49d27c17-51c8-59b1-b055-9471dd0dd21e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4fe1fa69-e195-54ac-9423-a1a3add4864f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c3158e7d-ac26-56b2-b89a-04304f87b449", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ebca4b9f-3d48-5fe5-ac09-7f2a5faa9853", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bd236ebd-8751-5b84-b7a4-25a5b8ee35ae", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cf7539a1-7a3c-5454-9ae1-d53ec6390ac2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ee80b916-2d13-5896-9612-8f3f1b5fc949", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:927ffb9f-6c7b-5d8a-88a8-132cb3f09237", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e6507515-ae92-5662-9019-9ba8c4562a0c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:da7e6434-7b25-5f5a-85d8-0ab9c58f82c7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:023c9f66-988d-5eb8-95cb-e88b85bc5f11", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e85d19f-043b-553a-9e17-90960c2f6505", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:952220c7-83cf-573e-87b8-69b026ab5476", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:57abfd8f-212d-517f-bfa9-f1b6a8e45f48", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:52c53753-c90d-5e6c-977d-d240607ab80e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:64f37bd3-ee46-5328-8de0-8cebbb659724", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9096a6dc-5dba-5bb4-aef5-0d15f1c28d6e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f6c735c6-3279-5c3a-a5a3-64a75076dcee", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dd7b1a83-c6bb-5ed9-a490-8aa1fec96c85", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb0eaef6-092b-5563-8d3d-2ec2536e2b50", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17e56e4b-693c-580a-b456-6d7094763155", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:55ec08cb-7699-5e1f-b143-906b04cb9225", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0f76ecf8-3322-5d0d-92b2-44bcf224bb47", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7ab5dd9a-9b21-5d41-827c-4c594a39a0ff", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d8cac7d8-a178-5548-82e0-a29a7b20f96f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f36ec2b9-483d-5d33-a1e1-f56329fbc2f1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5235cb1-dbae-5bf4-89df-f5e9a73e2579", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:56f11fd2-f17a-5700-99ae-6c46888afdad", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0335b2da-8d47-5f68-81bc-ae81111744f2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:741d8e05-7f65-5cae-9149-cfa6e35b958b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a71654bd-1638-5b2d-b0ee-bc3100429836", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f7e0b22-bfba-59c4-8008-b0696b09a6c3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.6" } ] }