{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:69027238-3279-5f96-9972-17bff460f03c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security-saml", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:df1c6a7d-82e8-569a-a634-7ad35b17da15", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f53005c-f178-5d27-906f-eaa148652fff", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:640ca7c1-8f70-5e94-b088-8c9a75d8b51a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c27e505-a9a2-54d0-8e5d-d62796da4a57", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf73c349-d3ee-5cce-b99d-5ea01ee76882", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76c80ed6-5b39-5e9d-82b6-aa56afdda014", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e7cf33d-e5ef-5d25-a2fc-348d26b5ca11", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f1317b35-2b23-5aa5-8693-6b9c6c818d9e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d162e5ba-db72-55ec-b13a-5e059978e45b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c6c47c5-14e0-587b-b8e2-e86496a3121f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03a75122-4420-5950-91f6-914017c4a70e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bece67a-f85c-5f13-8263-73f1f3e467c1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9be59105-4ce6-5a1d-a4b3-5348cde1ac01", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c98185d9-5743-5d91-b1df-91683bf4189a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6b85871-3827-5321-8249-fb52b128adda", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2eb739f-a843-5ccf-a762-449dca191d8f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7ce166f-d6f1-5f31-953b-5c3bbbf5730e", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd7bd1b3-2120-5245-8fb7-1863e71928ba", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8ebda34-a5be-5725-8ab9-98caa7bb73a3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f0bc87c-1e75-54ac-9b41-f153a8b89d75", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17f48061-2d67-59f3-9cda-2201eaa6be4a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:921013ab-ad62-5ea3-a77d-8957e261eff5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4060c8d-efe5-5775-9ac5-5366a1f69fdb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a219d5c7-05ae-557a-a34e-9d0dc9cdae54", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb1e19d0-82b9-5a73-ae3a-cd388ab576e8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c79ae1ac-527d-5f51-ad78-4869adc9fa49", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c79be9a-c9cf-5d0f-aa3c-1303514ce3de", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ac0ff02-6af3-53fd-bab8-e7d2e03fb79d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8cf22a8-1c5a-558b-ab72-0cb09904cfc0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:927ffbac-22c5-51a7-b6c5-0f90a84e0e55", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3d3af7d4-5d36-5e8f-89a1-11f16817bebf", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f09d572-f898-5be3-a729-32286b39cd2e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30c08b80-f4bb-59e1-bdb9-5d5a0d42517b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0497925-815a-5455-8d13-9b81f0c476e3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-security-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.5.9-tuxcare.5" } ] }