{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ac8e10a-4290-56ee-b3a4-ffcc61460894", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-resource-server", "version": "5.6.10-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:244959b4-774a-5553-aff5-8decca227ac9", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86dd2691-acb0-5897-938d-cb2005091644", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8479f609-9e55-55ab-8e57-1c9f6b2d87ad", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3aecdb15-9df2-57bd-8c60-070b593675dd", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b824163-ca1b-5e1f-8504-f13279673c60", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b05a1f8c-ee94-5269-91bd-7906fb981cce", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:730ea1d2-a149-59e9-9868-377ee5ac014d", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a1a0d1d-9693-5f54-933e-9a33ee160187", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e61d4bf6-f8a8-55ae-b0b3-adaf4baa79be", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28f3d7a1-5946-5b4d-b7b9-b920b6acbc39", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:255cd438-d3cc-5411-ae22-3c249b844058", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0f13272-1130-587d-8484-33efaa2060f4", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:140c7fe1-4ca1-53da-a47f-8d288cdfd50e", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ee58b8c-3b64-5eff-a20a-0779243381f2", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4ab21d0-53ce-5bf7-b064-5e9d09747a6d", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3059106-8393-5dc2-89eb-08260658e465", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.6.10-tuxcare.3" } ] }