{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1347b47a-f86f-5d0f-8461-b2263baea001", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.7.12-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:061dfa39-ae4c-5d2e-94ba-8b7236ab7c42", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:142a90ce-0caa-5e48-8fad-735e42504bbf", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62d9a4dc-7da1-55d6-bfac-da6379ab3e89", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf28b40e-079e-5569-9070-1b9435ecf93e", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4f233ab-b39d-5c24-9b19-4f1be749c12e", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0489b324-f626-55e0-a9dd-4f3ae90afbc7", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6027111-39e5-56ce-bda1-ea9aa47e11be", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }