{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6f301f35-03d5-5d6a-ad7c-0eb0bfd46e10", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e1f2cc6a-e356-5607-b52b-0e6abf11312f", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f019663a-f236-5d61-acf1-7ac978ad77fe", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cda9e168-e76f-5dab-87ac-7ff1f5a1d9a6", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddf0b30d-6533-5065-9820-f4d8204fd7ba", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfe4fb31-d551-508c-95b3-a684fa108312", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d56f2be-1343-5873-8574-e8d9993470c5", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:365c5467-ec20-5a1d-b0e8-2cd0f7144c49", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:949343a4-681f-5023-9a52-33cadd012b74", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdd195e7-f5de-546a-9133-d702a8016107", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:213b53f3-1ff0-5d9c-8132-97c9a1d96473", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf7a6834-01a6-55b4-b9fb-7bb928461caf", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a85aedf-9938-590e-9f1d-d29a3102d44d", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b7b8fac-9deb-5f60-aa0e-c56c585c0618", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }