{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:18494847-9ccc-5bbb-9e29-4fc29cede8dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-resource-server", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54eca5eb-3218-50a0-ab23-10398464c10a", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a55fca12-06b1-5000-9cda-65c851df74c9", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7726c948-d8b8-5bb2-b188-fde95b9047b6", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9cc2218-4957-5359-84e9-0f49795ca9b4", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cd932df-dc97-5c1b-ad86-02429d3e81cd", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d127623-cf7e-5b23-8328-3d9cb0f475d2", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d234a0dc-be73-5a36-b96e-9837a38f71eb", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd10a17b-454a-5388-97aa-49c0cf16beaa", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare.1" } ] }