{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc6ee1a4-8848-510b-9c32-e618724a9fc6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-openid", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ed04bd2-da41-57b2-91bd-c79c05c3157e", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:600c9a2c-b906-52fd-b745-b6ca94a8a25a", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:4d14814c-9597-5928-b1f6-958041366806", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:5b5897cc-aa6e-5bbd-9e97-65fe2913af4c", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:027a2c87-a698-5d27-898a-b2735d7c04b1", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:7ffa0859-55ea-5719-b483-d4e192c6b0b8", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:76c4ebe2-ec75-59e5-99b7-86af4d5ae2d3", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:5a76c2ad-17b1-5ce2-8a1f-ac4d53183142", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.8.15.tuxcare" } ] }