{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:622e1bc6-d7f3-5638-aa7d-96c9c94393ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-security-sso-saml", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:870dfed5-ae66-5da7-8501-521f85371fca", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36660a57-68e5-5485-85be-af27f636313b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7f0e559-eeca-5d34-90cd-a77dcac34b24", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87c295a2-c91b-5818-b573-57d949e66056", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27e950a2-f499-5826-95ec-23c27804d260", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8ad9d2e-b83b-5c3c-99f0-c67f028f7d90", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b66e6e4b-1411-5579-948e-a4d347d72e88", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef1cd016-4a99-5615-8dd9-9b5fe3e6b173", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae78d8e8-a3f0-5004-9271-bd3de2f9edb9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2472afe5-45d9-515c-92ed-d8cf778d3f75", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95f2e87a-6dc5-5954-b8eb-ac798d766b36", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ba3d1a5-9561-5646-a5fc-72c511b950f2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16115917-212a-5c87-88a2-d9d87d0967a9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cbb1baa0-d9fa-535f-8bcc-e97005616d59", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:039518d3-ef0c-58a1-afff-45620a2c0ade", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a73d4d5-968b-5625-8831-740f56347640", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f7e8603-4af3-5be4-a509-053c440cac9b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3688e5e-3412-5f53-9bee-1e1b9191e7f9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d4754e6-3432-5241-acb8-09c4ab2a2ac8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29680090-bbec-5e5d-a76c-9522761d17a2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3d56b79-69c1-52f8-8641-2bfdffc96b23", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55cb4dd4-1434-53b0-8322-9e9684e92b41", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bc1d34e-d180-5e5b-8fbc-6daed316004f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e63c8f3f-4c3f-5ed2-b0e9-e882a8259928", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0370ac9a-bfac-5d39-8f3d-6443e362ef96", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecfb09ef-6523-5c43-be6c-defa79f713b5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:83ee95cc-88bc-564b-afe0-a9aa6b07f184", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfafeeea-735e-5bb3-8745-94188f8e868b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7307b835-efbf-5125-b53f-421f9c844ae5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0c9175e-7911-568c-8bb8-2a15ad06d085", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-security-sso-saml 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de4f0ecc-bc86-5321-bb20-9d23ea768097", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:548d6267-35a0-5913-a787-c5d1672e6718", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4916fc3-8597-5870-b193-a7b5af43f6a9", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b63dcd42-14c0-50b5-9c93-63e99b9f7b00", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-security-sso-saml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-security-sso-saml@3.5.9-tuxcare.5" } ] }