{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:79cf97ad-49d2-54ca-9e2f-3c84250a75a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-web", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eef2e832-9447-5537-975f-235e26600854", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1214c24b-d73e-5ae4-9321-919ffe21340b", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91d3ac22-5023-5ea6-80c5-0f7ef5f6fe09", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:400dd514-ca5c-5a28-8d82-94fdfae180be", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0af28ab-c5eb-5342-8ff1-1e4eda53a767", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6111e5cc-d7e5-55e1-b2d2-dcadb2f3be19", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b5e5fff-f498-5373-82b5-8bc1afe2acee", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32fc1f85-5b85-5ca5-a647-71f37a42b347", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare.1" } ] }