{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c4db24b8-ca30-56d5-90d0-de712aac77ce", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf.services.sts", "name": "cxf-services-sts-systests", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3b3420b4-a754-5fd2-aafb-ad51f1410006", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5804d4aa-2378-5aa6-807f-084d82ff3e85", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b895ff93-f42e-58d7-bee4-5781a7623c4f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:427131ed-a8f8-5292-9afd-b4919ff8fef0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e9011f1-ba01-55d2-9fc2-44b13e887c30", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4adc96d3-143f-55fa-bb3f-e5417536d29e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c293acb-6c83-5b4d-9aa9-fe0a13ec3ccc", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6c326bbc-b46f-5581-9793-eb14b6e79303", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c57fa3d2-ea9c-5fd0-9eef-9eaa731cbf9c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9cdc94bc-708c-540a-a0a4-22b3f3b33575", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8ede97e9-22d4-57d1-97c0-3e2d7df643ac", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:40041137-05d2-54b9-82b9-90962afdc806", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fd93e305-990b-59f3-af5b-18a00a9d8b01", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:93d55cb8-9a29-5741-93dc-f8134f2e91a6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b4cf679e-aa32-5eac-a939-a3c67daf2530", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7cc3d016-913d-5180-8bba-add009ebe2a7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cf4da3f4-e2ad-55c9-8005-faf979bf6f2c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:382308de-aa26-531d-98e9-d6a5fd410b3b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0050cdf1-89c3-59eb-b819-f7f5a819f2fb", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:daae26a2-77a7-5369-ab56-2dcd48e94d7c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d28cf58-0de2-531e-a48e-a7494e483ce5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:71143ce7-2404-52c1-9868-a83f47ebb3d3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c16c5a91-1115-547a-be3a-b72565bcd9c5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b0ca4402-48ab-5196-a514-08c68664a101", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:263cae45-f6aa-594c-b528-fdbe4a1f3231", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e6b28a6-a845-56cc-aaaf-955e268ec279", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:756a7d13-2d6b-520d-8bbf-43eabb809344", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a9ee2aec-f949-57dc-9f22-6005965603ed", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bd67ff5a-3e97-5611-894f-98ba7ca1cd66", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bb8a9e68-3f66-569a-9d91-994615c31274", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.sts:cxf-services-sts-systests 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6b16ed5e-752b-56e7-b613-e0a0e9b7f254", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e559ae0a-4353-5f60-bd27-e0190b471c12", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts:cxf-services-sts-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-systests@3.5.11-tuxcare.7" } ] }