{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c470cb19-2207-552d-85f3-1713a024d4dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-saml2-service-provider", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b37b762-57b7-592a-9f4f-07d9b7d0787b", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc60328a-6f55-5742-897d-7c83d57a7378", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bd91c81-f00b-58bc-a782-fd69a6bdcd0d", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d22611b-c6f7-53ef-90cd-111cb92f0eac", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52a476a3-617e-5c7b-8571-625a4875661e", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f1e31d-ebb0-5317-9507-00db5b9ec7b1", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0127413-50ff-5ecf-94dd-373f1828f6e2", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0929b1ef-9007-5821-b94d-55480cd94a91", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare.1" } ] }