{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:3c138c00-9465-5cc6-ab8a-da03a7b520bc",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1",
      "type": "library",
      "group": "org.springframework.security",
      "name": "spring-security-oauth2-client",
      "version": "5.6.10-tuxcare.1",
      "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:cad58f93-75b4-5219-98df-177efe96e805",
      "id": "CVE-2007-1651",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:be7a6f57-c85d-553b-b2ca-dba752af4037",
      "id": "CVE-2007-1652",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fb582499-a2f7-5bc5-a0b7-98d22d89f4a2",
      "id": "CVE-2020-5408",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:94f4d0e4-daae-536c-b818-7789e9db56c3",
      "id": "CVE-2023-34034",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9eca36a7-2bd0-5139-9c7b-15392ed4e6ec",
      "id": "CVE-2023-34042",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b692ad8e-f59f-579c-9a0b-ce69b911beee",
      "id": "CVE-2024-22257",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:102dfa7d-f8ae-5416-9c9e-5a73284cc13b",
      "id": "CVE-2024-38821",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:62878020-812f-51bf-9cba-048b4f49b457",
      "id": "CVE-2024-38827",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1812d742-8dc6-5391-a2f2-1af6ea1c8a49",
      "id": "CVE-2025-22228",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dd084a44-d948-5c7d-831c-b5387355b074",
      "id": "CVE-2025-41248",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fdd9f1b9-502e-581b-95f5-5bea1f9165c2",
      "id": "CVE-2026-22732",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22732 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1"
    }
  ]
}