{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:32d88d53-a7f1-5194-8572-584af1effbd3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth2", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a4a25cd1-e0c1-5276-88c6-4f1db958615f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee9e8fef-3acd-583f-bb7d-9a6cd36b54d5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1395305c-7319-5968-b411-8836900d8471", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:473f9b63-5ab3-588a-921b-d5880e3974b6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e856b601-3a77-5854-8dc0-0026ce96fef3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b5c452e-8ec7-5d4f-ad57-7ea7ee4938c7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25bee980-2ca7-5fb0-b570-f7bc3bb74a8f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7857de77-5035-5b70-8d27-24dbe85d441f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a0e659b-9082-5882-b2e7-8420c0fcc9e5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:656e6c8c-1185-52a9-8533-559cff983155", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8776a2a9-a618-58a5-a672-c8c74b0cbe0b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:360a2dff-b57f-5e13-8f02-98f6d90373f0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb17239c-2ebe-5c59-94f5-a97fbd6373ce", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cde3c54-9f78-561d-a184-94099b70ba68", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:033172b2-3391-51cc-b243-a4451043bfbe", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5453e642-f7b5-54eb-b1d7-f505fff9d493", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b2a860d-8808-5199-8dce-e42300afb755", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9151f073-e4aa-5c6c-b4f7-46b5b12a5e8c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7e3d5fdb-d88e-523d-82d6-bddfc24fb09e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6bc9fb5-ab88-5bf2-a4a5-7071bfb247c4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b88284e3-6800-5412-acb7-0813d8bbee9c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a67df395-25c3-5da3-833b-4ed464bf7650", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8088a607-bd2b-5964-81f3-7e9e724717e5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27d9c617-d7b1-57f3-a7f1-1781621a57b1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2ba27ec-c33c-5a7d-ada9-21ab0c135a35", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1c7bb07-49df-5948-ac8d-a43d20e396f2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4315c452-6c01-5ed5-83ab-53c199d91be9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64579e6f-57d2-54ae-8528-9a5abb32ef6e", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56502ef8-951a-5fdc-8a2e-cb3c61883414", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de4f0f8f-2fa3-5a48-92a7-996eb7132280", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth2 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bedcc83c-2dc8-5507-8876-fd3c1a497a1c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6aa1a7d-d4f7-5b37-963a-f105c19ff352", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc883437-fb1f-5cbf-b12a-8d1ec50fab76", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1aa50185-e07a-5117-acd4-00e0f54373cc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth2@3.5.9-tuxcare.5" } ] }