{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8a975cb7-2fea-580f-9610-63e64060535d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-client", "version": "5.6.10-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b09a5f3c-e1f3-5f29-9e6f-8ba3aa9b1b6a", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea7ab5cf-3557-573f-ab48-666d68012c6a", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e47a0a44-4ad9-5c02-aa97-6cb4ed27882a", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a57e0e56-ed16-561b-8352-3b92df274b48", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43b762bb-7095-5957-a75a-ac7944667868", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9510de2b-653f-5fa0-a8dc-7893a1c0f37d", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:886741da-da24-557e-97bd-5d863a2fb671", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b6bef9e-46b1-550f-b5d7-ffffdfd23636", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2c87d33-a310-5517-9c7a-e89958d7b7fb", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec20a37d-1f52-5a13-ae01-0028495e348d", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31c1d5b3-9a1b-534e-af91-c1c1c76df56e", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49b61250-de11-544f-b103-73821d6bc5df", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea4f3f23-0f81-5e6f-b859-34d72d605312", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ea47623-49c3-59f1-99dd-47d71edceead", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ece13a1-de28-5d0d-a99a-340e5c63ed8e", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33af7d1f-603a-5137-ae69-97bb468257a0", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.10-tuxcare.3" } ] }