{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f48d41b0-d8c4-5c4d-b844-af609ede3a41", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare", "type": "library", "group": "org.springframework.security", "name": "spring-security-bom", "version": "5.8.15.tuxcare", "purl": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3429f85c-d162-567d-b109-5c7251699cd6", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:0012f29d-dabe-5ab4-8e50-19a5d22598ba", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:a8eb97eb-d6f1-5fbd-8a74-98f8a7a71473", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:fbcd5d65-c651-5b2d-beca-37f0d4f75013", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c159bbe3-8a35-5689-9239-0cd1d3fc9523", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:0fd2cb29-4ea3-5546-ab82-77160d1ae92e", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:c5be5ce2-4012-591f-ad92-a780746bbf88", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:9aa47947-0230-5ea0-a70d-94057f8b5985", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:d83fa80a-fd7e-5203-9036-0c9852284afc", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:940f4d89-220a-5aa9-8d03-3b3941e109f9", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:2c90117f-f73f-5fd0-8b10-88803df0e9be", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:296c395c-a22a-5e84-995f-b7ed7937e7fd", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }, { "bom-ref": "urn:uuid:fa833fca-eb7e-5d32-af98-41c4ad2f5966", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.8.15.tuxcare of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.8.15.tuxcare" } ] }