{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4f6cb5b3-f434-54b0-bf1e-e6a47a3d0b87", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-resource-server", "version": "5.7.12-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9d9e66c3-795a-51f4-858c-201519d0c360", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ef30ed7-f4e2-5508-a27e-e4468c027482", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d90de828-e75e-5d55-bcb1-df685d7970b3", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7683ad7-3922-5538-85ea-41dc25972086", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9673403-6a5d-51cd-b59f-d75181dc7457", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f797691-a915-5bdf-88a0-9254fa594b2f", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48304d28-fe3c-52e6-8575-69cb9f33f901", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.1" } ] }