{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1f0ff414-af4e-582c-ad79-5137d1917586", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e1f2cc6a-e356-5607-b52b-0e6abf11312f", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f019663a-f236-5d61-acf1-7ac978ad77fe", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cda9e168-e76f-5dab-87ac-7ff1f5a1d9a6", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddf0b30d-6533-5065-9820-f4d8204fd7ba", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfe4fb31-d551-508c-95b3-a684fa108312", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d56f2be-1343-5873-8574-e8d9993470c5", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:365c5467-ec20-5a1d-b0e8-2cd0f7144c49", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:949343a4-681f-5023-9a52-33cadd012b74", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.8.15.tuxcare.1" } ] }