{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a5fbf21-669b-57b7-bae4-54692a83b5b9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf.services.sts.systests", "name": "cxf-services-sts-systests-advanced", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e9f68b0c-beef-56a6-9305-52ed27ec5066", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47a1013e-a47d-56be-9771-c39720ab6a29", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f67d9ba3-e44f-515b-9caa-f71fbcf78ded", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3e723e13-c2b4-555f-89a4-801171dd18d0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dd1d9510-d2d8-5c34-8f6d-e61e22066b21", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:99d80bdd-5e28-55e6-8803-93a99bacc8d8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:13d7ce66-3c3e-5a95-8d64-e5577652cc84", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9d3414cc-6dae-5c17-8e80-d99c25fc3cd3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ac6d9bd1-04fd-5e0c-991d-9e450259d533", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:714d5b30-5619-58e2-8f14-1f7fc993f057", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:edc70b33-122c-508a-827b-4033fbb08218", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ea4d8130-3192-5936-ac72-7ae53f25bad3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f5f0cdb-ad56-567d-9f70-0981dfc93174", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f3664df4-ea59-56cf-8924-7748445fccf3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c22b267-7a0b-57d6-b0e9-2d8275e6dea8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ff1b41b-ba46-5906-9b6b-01c9873890bd", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b5f37d4a-8594-5a36-8acb-2dfccbe66896", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2631e367-4339-501e-a23a-df5bcc2e7cb5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87a0ed90-53c4-5943-808d-45616e38e9ad", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87207675-3b82-5d42-92d2-a2ec13f342d8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d383f12-6be4-55a2-8ac2-25ad99d34946", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e3f017f9-232f-5ca7-9740-c8039d9b5e2f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3832deba-7cad-52ad-bbdb-6e4a1c3e5522", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:14faa13a-2aed-5b4e-a723-5c90db697f1d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:901fe38f-63d0-55e8-9f05-7206fc71eaa7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5fec8fd2-8460-57ff-8023-295443d469df", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3441fc7e-85f2-5257-8b94-838a14d54361", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b64772da-3c70-56b2-b5a1-35943df2d622", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:61687559-3b3c-5f03-ab79-30af676f8947", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48d5bfe8-56a7-5f03-82ba-132e9a56bf0e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:38bbbf57-4d3e-5bab-9bdf-b338d3ad8c9b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:974db6bc-cb16-5d98-b380-6e76ce7ece0c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf.services.sts.systests:cxf-services-sts-systests-advanced." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.sts.systests/cxf-services-sts-systests-advanced@3.5.11-tuxcare.7" } ] }