{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6bb24ed7-4fd8-5397-8da0-8f51d83749a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2-saml", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:20e748d6-43b7-5194-babb-cdf1b3b4a198", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2a30253-cfc9-56fe-90a7-87620b6ebe63", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4cd5276-0171-513b-b27a-f809167470b3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e58d1cab-7036-5398-bd90-f97042b21058", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:544fc3aa-a546-50d9-8f2b-cad43a7ba7ef", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69bfef49-bbc3-519b-a1eb-64f273a94b04", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5ba8a2f-0b7b-5ae9-90fc-6f451ec3f544", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84dcd9fc-ae83-5d46-b9b1-4b5fa705b24f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3d79d97-4f4f-519f-8360-bc185e392558", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df25dea6-54dd-51d0-9471-f62d86f666b3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c966d895-7bc3-5aea-b3f1-1bb980cd40b7", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d87e8f78-efdb-5512-bb69-3f36c073986d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54317a2e-059c-50a5-a778-4acddcf7e6ee", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72ee9a2b-08fd-5491-bcd5-532a6a3e4ddd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ca44b17-8599-59f4-b71c-82a73012b157", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afc03d9e-ea31-5644-87a6-d905d107e123", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4ad40ef-6e67-5568-9ccd-e8b0de0a0699", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8fee3678-5d38-53da-9b90-e0a055b0bd2d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6052d255-c015-540d-8525-00a8bec49972", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54a016b5-e081-531f-9b52-8a885f777131", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9930bd54-aba2-5bb3-8110-1d5c64da3315", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:821543d2-001a-5e72-a8d3-963152166df2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:947520d1-4085-5b61-b44d-a867c10676d9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95b01ee1-ed12-57f4-9313-7f9b8b3ba641", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71211d01-680e-583e-9e70-1674e9140877", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e550419-b267-532d-89d9-e6a9924979b5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0950987-6ff3-5177-baca-c79a7455b63a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00e95836-64f7-5aa5-a750-6510e9675027", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:711b1a0d-0841-56e4-a871-4a9c5944bc95", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19fc790e-d45c-5e4c-b4e3-2efb687bc261", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d04c4edc-546d-5b8f-8419-c168c5ecfeb9", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1ff42c1-6b36-5d12-8ab0-65aff45a733c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:944cf4bf-1b51-5013-8355-2d0868d56079", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67839bcd-0df4-5069-b1b4-2ac0ff7ca3c8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2-saml@3.5.9-tuxcare.5" } ] }