{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7bc96325-c66e-556e-a07f-e0b98df48562", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.6.10-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cad58f93-75b4-5219-98df-177efe96e805", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be7a6f57-c85d-553b-b2ca-dba752af4037", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb582499-a2f7-5bc5-a0b7-98d22d89f4a2", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94f4d0e4-daae-536c-b818-7789e9db56c3", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9eca36a7-2bd0-5139-9c7b-15392ed4e6ec", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b692ad8e-f59f-579c-9a0b-ce69b911beee", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:102dfa7d-f8ae-5416-9c9e-5a73284cc13b", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62878020-812f-51bf-9cba-048b4f49b457", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1812d742-8dc6-5391-a2f2-1af6ea1c8a49", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd084a44-d948-5c7d-831c-b5387355b074", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdd9f1b9-502e-581b-95f5-5bea1f9165c2", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ca26f4-1152-5348-a6cb-58dea710f346", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87c6a251-5838-5eb4-bebc-f84804386875", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb0d49cb-22d6-58fb-9866-15d579404146", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f069951b-a552-5f16-b907-e3fd85abf892", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e91ecef-ac52-501b-bb2d-013011245ce4", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.1 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.1" } ] }