{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c45153f-1a54-5c98-904b-6b51ad6bac65", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-oauth2-resource-server", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1281dc93-ee04-53a0-aa78-e59522d669a7", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18881787-ad3a-593f-bb92-6a1482c30c8e", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48ccc97c-44de-508d-a014-ca49132eee6c", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9eebb686-ff68-5773-ad82-a8c5e76e2629", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f3c3860-1620-5073-8586-50f5eba414ce", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06516ea5-c53d-55d0-8a1c-8b11a2dba8da", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d43a2bf1-6208-5e33-9c5e-736b7a7c77d3", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f92d90b9-7872-5858-86c0-f05da6013eb1", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c5b9a7b-e9b5-5aad-b9da-722574e0002d", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3808c370-b119-5324-b1b1-7a42ee6f4cb4", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc0bd6b1-0cb2-567c-b345-f9e2f0d5216c", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d289fc23-1c2c-5406-a223-020872b6e440", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-oauth2-resource-server." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@5.7.12-tuxcare.3" } ] }