{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e46e500e-85fa-5f82-ae9b-e6d60c3f37f1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-saml2-service-provider", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9165cb20-1194-5173-ab9e-a6949dde9566", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:164241a0-02d0-5b3f-89e9-7b9d73b0d8c0", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:5dcf2c98-ec01-5877-af58-430346c10ed6", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:dc377675-14c9-5fda-b37c-9ec2bd996acc", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:beca3704-57cf-5152-a8f2-21d130c3a7c1", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:bb146836-a0c2-5d9b-afc7-da22380bfd1e", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:844f993e-faf9-56f0-9403-8699f0b30ea1", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:92ea2768-1cbc-54d4-9cd9-2bc93b1d4a64", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.8.15.tuxcare" } ] }