{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:49be89e1-a909-5bfc-a629-c9603ceeb0d0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security-saml", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c99562ce-11e0-5711-b693-f9897b42c061", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cc2e44c9-d973-5d7a-a060-ecb3956d2cfb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:91dd4725-e15d-5320-8860-5209b53c85ec", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0be0e7ef-8990-58b6-886f-1e443d2fe789", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c9a7fe35-f686-5b0e-b782-24062e93a810", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cbc3bbc5-214f-5b71-a57f-9e637177ebb7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fb4a5818-dc18-5f70-ab98-8de212d7c796", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8f1e074f-5ea2-5378-9ecd-b21323ab6810", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9b7da939-68e9-522a-a97b-5f8b09ea7acd", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d066ee9-4e78-5342-8b38-5cbd2c03d3c2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ab4d970e-73a2-5913-9b80-ea98623ec69c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b676fd66-c775-5506-aa1a-366b3da45091", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:65b7ec71-d7c2-516c-986a-69079af30598", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ffb3e5ad-f9fe-568f-9f65-6e52a4c77cb0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c5d1163-7ef0-50f0-87c7-1f709c9753f0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9cc10219-ed95-59ad-8b34-6e36ce424d9c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2c9d6b7b-0058-5e3b-a19f-87f60cef129a", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ef3ee3a6-eebb-559d-a712-35ee86884390", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0edead5e-09d1-5660-b8fa-a7ac898d1042", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ab57c11-35c8-5474-942f-54c1baea0108", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ab5b4bc4-6d39-5712-9cb9-465b340ece4a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6b8e1499-d16f-5eae-8e2d-74a8ca029037", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ace18cd5-7aa4-55a6-bec5-212030237fd4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7eec4c24-e902-58d7-bdea-e57e48474a26", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e15868da-df96-5712-a482-5698b644eddd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fe5c3fd2-a5d4-5660-bb53-7c0b3cda0d00", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:569a2dbf-ea73-51c6-a8eb-e64bc285c813", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:12486bbc-ace2-5e5f-ac92-84a0c4a2b7a4", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f4c6bbc1-1d38-5d90-b9a0-80e6f11b9bcb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ab6d546b-479b-57e8-b6e2-87dab69a7811", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5cf7a273-f5dd-50ff-aa70-449378dc8072", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b69c72d8-44a5-5bf5-b623-2244b788a564", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.11-tuxcare.7" } ] }