{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2d8093c6-df31-504b-bf53-f322c54f6e4d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-saml2-service-provider", "version": "5.7.12-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42d5ffee-5d2f-5aa4-a321-217019adbb1f", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2d8b224-2e24-5a83-8027-602779391178", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fbf2a11-abc7-52cb-8dce-29564ddd9ef1", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f94440de-9841-555a-9d8f-c3aae1d4aaae", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfe23a06-a872-5266-8ea5-0cd0c683e513", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9550c5d1-5368-55d7-8266-151a36b65e84", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb5eba78-3488-5d61-92df-f028ebfcb9a2", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.7.12-tuxcare.2" } ] }