{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5a5a19de-e0bb-5203-8bf5-1766635fcada", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-oauth-parent", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a8c2013f-f21c-5da4-a4b2-5fcbaf6ed115", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9cc12ac-8284-502a-b522-d418f7caf194", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2f37dd2-c59a-5939-a538-3270530c7956", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:951135d0-b978-5cbd-aa02-8e1b40262467", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3605308-fdfa-51cc-a4d3-9356fb553eba", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7430e7f-e204-5454-a86d-01e6756346fc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2369d341-4d00-5397-a904-a2f0ed12f6e6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd3d4590-cd6c-52c2-8eab-5c2100ede13b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbc1b811-7021-5864-bcb4-a5b6bc89d5f0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:187de995-7c2d-5bde-8248-1f75c48d135e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:545a1515-2cc4-5557-a16b-15e1d32324a0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32ea9c2a-a223-5f25-9adf-888fe94fa8cb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7c57318-7995-587a-b191-36c18f245f72", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96fd4181-c4aa-59e5-9981-b057be2f1d64", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2dd08238-2aed-5b49-b5d0-34aa5f9e2896", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd3aeb6f-5132-5c23-b372-693c48874cca", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f9f9041-2f9a-5507-988f-b9cde17c52ba", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:829d84b3-0f88-5c5d-93fa-88df432fbe0c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60d1a9bc-a1ba-5790-bf47-9b2ce1db63fa", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87296330-1d18-5038-b98d-541822ae8a5a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcbd5ecc-fac5-5399-822b-3c2ae9a8ab32", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43e28063-f615-5012-b543-299eb174d08a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1011c939-1fb5-5f25-8d59-77cda8c2e41a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e9b45df-eac7-5f7f-a1fc-c4ffeb6ceb49", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed1c1666-e87a-534c-923a-5f6ea33d1c08", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93d10cd1-2d1d-5856-94f3-f3ad306118cf", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd4d4c2c-4c4d-51dd-a0c2-6f27e047bb38", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f15f25f-f38b-5c56-a41e-0dc193c3cb69", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7bfbf840-12e9-539e-a7d0-8c5fef88642d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfc2cd9b-c7f7-54db-888d-2687d379c882", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-oauth-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:490920a6-5c47-5c1e-8902-f5f79198ba44", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2479aead-ad52-5b7f-93fa-e63b5cba5e46", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6cdfffb-1cd6-521c-adc6-d3ff7766cd72", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0cc0664-8865-5a17-9a90-74e0294ce432", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-oauth-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-oauth-parent@3.5.9-tuxcare.5" } ] }