{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:adcdda4f-5312-5f68-9bc8-3222badbbe8d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security-saml", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b6ac72ee-acd4-594b-88fa-058e01431214", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fe95aeb-44f5-5df5-91e0-ed9b69e887f2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23d2de33-3980-5b72-a394-b16fad3e9c14", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4b2fd44-7db3-523a-8c62-d398b80437f7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbfb7ab6-cc05-59a9-ac4f-82563e6573f3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b28a604a-860c-5a42-bac4-146b41308b67", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbc7de7f-e41c-54be-a7b6-289f6d0f26bc", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:487c32e8-d2e9-53de-be6a-7712ee4a4ced", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5b75acd-569f-56a7-8c36-8a109d3fca85", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7aa81b69-f640-5c9a-8be9-88007857f0e9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a55b8b6b-592f-5f52-b09d-caaf79f39acb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:192da601-cc24-5e72-9962-45ac750045db", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b6cabd6-c361-5f58-a822-c35a3cdc360a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9a63864-2421-554d-9f87-beef7928ded6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e467c417-653a-542a-b27b-847d994e1904", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42c7328b-1c82-5e46-b6e0-56f484e8052c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55f4fdfe-45a3-5454-b790-f9d1bc976e45", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b96c1d75-ca49-58a4-9984-08746de391c1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:676ea241-8a12-5559-b8b4-6ce477738491", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:033669dc-3bed-5692-93ff-ad1253127f99", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9ad48e4-4a18-5ccf-aa3a-c6d2e2174434", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2a0dec1-8b13-5bab-bc94-24541dc41caa", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8359196-e691-59d4-97ad-28cee1e7c10c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e901337-ccbb-5da3-8647-6a9520bb2653", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04a565e7-a365-5c4f-bbb9-b8f7790cb21b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1724a93-ef02-5e95-aefe-20316ed7bde8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcc2a2fa-e1ba-5a81-b984-f039d5c17652", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:108be750-44eb-5686-934e-528dfb3cc796", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19b02c30-94ac-5044-a370-04ed9a59cb9d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0573cfc-45e2-5b47-9983-a3363e257ee2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6dda3861-b26c-55bf-b73a-dd628a399ffa", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3f236d6-028f-53bd-9545-a3e51201738f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcc5e3b2-1ca6-557c-9d35-4b733a97b72a", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ce1afe8-795b-523a-bd84-f2678033a253", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.3" } ] }