{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ea4f9a4a-fd62-5e03-b62a-2648a7dbc1b9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-web", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:26c14f87-099d-5be4-bcc4-22f71325cc30", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:1505b7be-5761-554c-80ee-1fe1da5c2b13", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:4e030488-7c67-557b-9e6f-fc6530aaa661", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:283565fc-c446-5d8c-8ebf-8f5ba06bda54", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:526eee52-be78-5fc0-b3f3-b3229e042bd9", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c8bf746b-c365-5716-a99f-3e50af8bb5f3", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:e3c382d4-5e61-50c1-809f-66e31af2032a", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:a607352a-b4f2-5de1-993e-8449250cc788", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-web." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-web@5.8.15.tuxcare" } ] }