{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a8500b9-ef19-5c75-9030-383cf8e2c9f0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-bom", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3429f85c-d162-567d-b109-5c7251699cd6", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:0012f29d-dabe-5ab4-8e50-19a5d22598ba", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:a8eb97eb-d6f1-5fbd-8a74-98f8a7a71473", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:fbcd5d65-c651-5b2d-beca-37f0d4f75013", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c159bbe3-8a35-5689-9239-0cd1d3fc9523", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:0fd2cb29-4ea3-5546-ab82-77160d1ae92e", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c5be5ce2-4012-591f-ad92-a780746bbf88", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:9aa47947-0230-5ea0-a70d-94057f8b5985", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }