{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d09f585-0dd4-59ab-b139-e63e80960456", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-web", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:26c14f87-099d-5be4-bcc4-22f71325cc30", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:1505b7be-5761-554c-80ee-1fe1da5c2b13", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:4e030488-7c67-557b-9e6f-fc6530aaa661", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:283565fc-c446-5d8c-8ebf-8f5ba06bda54", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:526eee52-be78-5fc0-b3f3-b3229e042bd9", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c8bf746b-c365-5716-a99f-3e50af8bb5f3", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:e3c382d4-5e61-50c1-809f-66e31af2032a", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:a607352a-b4f2-5de1-993e-8449250cc788", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:b6925d90-c4a3-51da-afaa-e759cbe5a0cf", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c4caae87-d716-56a0-811a-4870a97f58d6", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:9e87a2d6-7c9d-570e-93b9-c9f393324574", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:8ae186d2-476f-5d19-8089-2711d8aa5dc6", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c88a8302-aac2-5362-93db-bff561fb3998", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }