{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9a2978ee-d6e9-5748-b5cc-b15e9b5b9dc3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.7.12-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:061dfa39-ae4c-5d2e-94ba-8b7236ab7c42", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:142a90ce-0caa-5e48-8fad-735e42504bbf", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62d9a4dc-7da1-55d6-bfac-da6379ab3e89", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf28b40e-079e-5569-9070-1b9435ecf93e", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4f233ab-b39d-5c24-9b19-4f1be749c12e", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0489b324-f626-55e0-a9dd-4f3ae90afbc7", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6027111-39e5-56ce-bda1-ea9aa47e11be", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c7d6803-7e43-5ec6-b7cc-a1532811c5e9", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dc29232-9954-5a0e-bf35-61a1a1cd7b86", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e1748aa-a5ef-5cab-92b5-8de7e593259a", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa0a70ea-bcd4-523a-ae91-22e90c75376a", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f94a23ba-3d25-5b5b-ae9d-920c3b2acd52", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.2 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.12-tuxcare.2" } ] }