{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:87ed8882-0ad3-5b4c-9699-365d580bbc60", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-jose", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e32df0d5-0ab6-54e8-9342-1f5128925533", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4dae131-ea59-58a5-a5a3-078612685798", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dc6fd94-3cfe-5761-8192-f73fe21363f2", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27b5cee0-73c5-5454-834b-2acf30c2ed2a", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:629c0128-e780-5889-bec6-c42efc3e2643", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06673f4e-ef9a-542b-be8c-7e2fb11eaa81", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d758ae0c-4fe2-5571-bebd-1ce8249022fd", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68aac663-5830-5a03-aa73-583894f41751", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-jose." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-jose@5.8.15.tuxcare.1" } ] }