{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7fd2009b-91e2-52cb-b898-2f3f701d67fd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-resource-server", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:63e82e22-5341-50ea-81ed-6c81ab2c8496", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:50c5f2d2-feba-5907-a2fd-bcb9e4c2c943", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:e2419ca4-d9af-5ea4-bf75-654ae0793215", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:b79b4b43-0fa1-5b2e-9c0a-fb3932b566de", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:bf249f6a-8e0f-5f59-a454-1d3a85fa5502", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:e940ef52-36c2-57eb-93f6-295059afb98b", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:6e441880-493e-5679-aa96-9378213f23cf", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:2863a88b-fab0-50ff-960e-0044e9d562d1", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.8.15.tuxcare" } ] }