{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5bbe044-bc86-5ba7-8dd9-2e4b392ef764", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-saml2-service-provider", "version": "5.6.10-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e3307b05-6993-5a3c-8d85-902160480788", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bce021c8-f5af-516a-aef8-9deab2d8d026", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0db962a-79c3-521c-a6c9-5eee3af92a7d", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb10f0a9-6c41-554f-b5ca-720cf4433e5e", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8d8b78b-38c2-533a-8c30-6f38b141aec0", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0668f5b-28a3-5780-b91f-fb2c14931f8c", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c66b88e-529f-5230-a634-e2742c3ce186", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca76a7e8-581f-592c-ac8e-ffa58cd1e2cc", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dd8a718-004b-5f99-be29-012cb5184d16", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:138e1df4-d96a-57ad-8eba-2dc1db01a735", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5d10031-ebc5-5f3d-a30a-1fae28cfa178", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62e84c46-9ba5-5c83-a52c-b826a0c8b8e7", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4977c7ab-39e7-5924-b371-5268169bc102", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34766d03-b006-5a7f-a0d8-9d0b9526ded8", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e335bfb-f617-5b62-95c4-75c96d4f0ec3", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a43766d-abc2-502b-a299-3a76f61a0dbe", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-saml2-service-provider." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@5.6.10-tuxcare.2" } ] }