{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:15e3cad4-508f-5f38-9057-6722650c7d46", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-crypto", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:444590aa-6c46-5659-a6dc-e8840869f3b9", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:bcb09ef5-956d-5423-87a3-a5aa80905fe2", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:f005ab7b-9ff4-5d58-a91e-6a4c254940d1", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:91530ed6-c8d1-5e1d-a6db-4da2c22a8200", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:6a6b38d7-b5c4-57ac-97b0-f071807d190f", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:603d8926-878c-5767-a753-58bd4c15dafa", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c641f1ca-86ad-5c54-9e29-104dba50caf4", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:2fdaa691-8a1f-59ee-a32b-58473205ce9b", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.8.15.tuxcare" } ] }