{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6b5f3cf2-c5b1-5876-b795-f24c808150c6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-oidc", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1942297f-5c45-5d7d-bfaa-827c1320759b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:33a1ae49-eda4-5d74-b6b6-f29c04123537", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7da13cd0-6820-5b7a-85dd-697d7579e93e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:04303553-df05-5ce7-abd6-051681668e67", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f2e08f65-3cde-5a16-b696-928c14e5bfe8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ac743a2-a2c2-5494-96af-e3a52c1fc0d8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:35a89417-799f-5264-9e11-304423d3721e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5d13fb5b-f27f-5d6f-9128-33bdcf30e608", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bb46eb03-1bed-5b03-bf03-d5a3192bce3e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3bcab6d9-049d-5a92-95c9-3a00ce7817f3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8fde297d-c029-55a5-8929-15b4dad20890", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8b808cbe-0b3e-5b22-aa9d-c49ee238e5d8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5677257f-7372-5687-b402-b94edb0a8876", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:26267ba3-9773-59c1-bdcd-a155abffdb44", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a817e387-dac5-5964-8463-6c84559d0155", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fdd1c041-0dc0-5c89-81f9-f13a971c75d5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fab37c22-3568-5e2a-85e0-81a9f36067b7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:208e3fc5-e9e0-5035-bfaa-3fa5c62854f4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:19e8dafa-65a5-5dcf-a51d-29f2ff69e950", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e8a9fa1-bd78-58a6-b7d8-ce725628af82", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3161e264-ce9d-5e63-87fe-36d2ad2892af", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c47109e7-26a1-501d-970d-d312ccd6f77c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f2c66d0b-3c15-5015-8aae-650c724d5a22", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:49ee0429-c9f9-5273-82a6-2eeca009b187", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9a8fd8f3-26f1-59ea-81b8-38903cd2471c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c20ec04-ef8c-5a76-9009-b82329bb7d33", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:75ddcf5e-7fcd-5961-9fb0-95a8a7c34aa9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d056a6d7-3742-5e74-8d39-9ae70a1050fa", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7adc2c0b-425f-5506-ae30-81a475518090", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:69fba03c-1d66-5e17-bc6d-855423b4e4f2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-oidc 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5fd19cba-defe-5fcd-afb1-cf5d0cc42c8a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8df8dd00-056d-56b3-8dcd-9a1d13323808", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-rs-security-sso-oidc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-oidc@3.5.11-tuxcare.7" } ] }