{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1b94e6c0-a7a9-57b2-b614-1f9c300c9338", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe39b9bd-2385-519b-9f85-4d3d4aed62bf", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4e08039d-330a-5c16-8555-035a8c76190f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:75fc98ee-6851-5423-aa48-d2bb92a0a457", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:003c5157-079f-5dff-b10f-9176b57205ee", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:73d1ab54-9037-5b8e-88c6-e80f8c9c16e8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b8a37e99-a184-5d06-9d7d-fc7ed0c20c8f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3b445c7a-ed6c-5b2d-9865-616c024de183", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:19567f83-2cd0-5950-9c3c-7f3ae90c5d74", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:105c29dd-10fe-5253-9454-4d4f6f9c07c2", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4eb92aa6-5271-5f3d-965e-a46557bcbd17", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:daa7da18-5ca9-5a51-a667-a0270928943e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6cfda7fc-39c9-5985-8193-9487c495f593", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5528738f-6a01-5109-ad3e-451d7d6cbada", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:492fd924-df88-5103-aa2b-6d8f7af0291a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a4da1e2d-a62b-5a03-8eb1-52bda8958fd6", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5ec54f9e-f8c2-5860-89c3-a6d0ec5c9690", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70592e4d-bb63-596b-85ed-028944a47a2e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:14b13bb4-98bb-535a-8cce-882763767207", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3833611c-6e5c-5faa-b6d5-9a19bb41b5b3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87db777f-8054-53e0-bd22-1974b6992279", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b4e06658-b6c9-5587-9a7d-4830d6bef885", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6a9f7f9c-f938-5243-a245-eb2d8850cc4a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cdc1841f-60f3-5760-afbb-5ef741da3f4b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e0ca02e7-b34e-5b4c-bb12-ec4923380a1e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9c828957-a815-58ad-bac3-5259c0e4e965", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6a6daa57-a07a-50aa-ae7e-20e7ce3c6438", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:74f00cbc-99cd-5f71-924e-059395eae404", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d28869fe-42bd-5ce5-a67d-1a94f1cd6843", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cdeaf242-2bc2-5e19-aae1-75c97247d6f9", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d6ebaee-2a29-5655-ab77-4d383fe78481", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:82b31e0a-a46a-5fb3-a4ee-66ccea6e71d1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2ac34aee-be04-5a58-9277-f4637bcc0484", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.11-tuxcare.7" } ] }