{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a520ca3a-432d-5591-ad5f-494eb31bf554", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-data", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0d659f43-0aba-54c3-8fbc-36bdcf8399c2", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:569d787a-7a4f-5604-b9f8-50987bef6cfc", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8624ff03-961a-58ec-a8fc-b9ae6b7f2e0d", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41115c8a-53e0-5dd2-a67e-3bef5d63b6a0", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ca8eed0-fb48-591e-aaa7-9487aa57f76e", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4fab528-33d4-588b-a9a3-3ce048d43ca1", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2869c583-4fc0-5b1b-9dc0-55deba019c14", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6723f338-bc16-5cba-8568-66541021da4f", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }