{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c1badb4d-38bd-5086-90a2-6ed1aa5410d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-data", "version": "5.6.10-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6ab1ff2f-4915-57a4-a961-524b0287edaa", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbcb79ff-bdf8-584d-b719-75a93c9e68a6", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2274d0d4-5713-57b1-96e1-1497a54791ea", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:204a00dc-0583-5389-bd1c-b5a789ba76c8", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:859b6569-be24-5c89-9d19-2b540aa0af6e", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bcc33fb-185b-54f2-8a83-c3d95d7f28c6", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed99d734-c8c8-5457-acd8-02a023454597", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3df07451-eae6-56c7-8cdc-44b399271065", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:564dbd65-e829-5fc8-80f6-76952f62a967", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29b54993-d22e-570e-8911-243d681503fd", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:950e2f18-0158-5d32-8393-6e9819e1b936", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1d76c17-bb8a-590d-8d78-61b6473a02b9", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b2342f8-042a-51fb-9d39-693d22b9546d", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d13a29a-73a4-545e-a70c-c1ca0f080b9a", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4198a5ba-779b-5ce0-8fcb-b118049cdf7c", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7ba4c6f-dbbe-56c0-a333-c6c8075b3323", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.6.10-tuxcare.2" } ] }