{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:49dd7c49-1d90-59b3-8f63-46072d4b51c6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-data", "version": "5.8.15.tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0d659f43-0aba-54c3-8fbc-36bdcf8399c2", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:569d787a-7a4f-5604-b9f8-50987bef6cfc", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8624ff03-961a-58ec-a8fc-b9ae6b7f2e0d", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41115c8a-53e0-5dd2-a67e-3bef5d63b6a0", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ca8eed0-fb48-591e-aaa7-9487aa57f76e", "id": "CVE-2024-38827", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38827 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4fab528-33d4-588b-a9a3-3ce048d43ca1", "id": "CVE-2025-22228", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22228 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2869c583-4fc0-5b1b-9dc0-55deba019c14", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6723f338-bc16-5cba-8568-66541021da4f", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56e24298-f869-5f29-8665-0cd4358ab3f8", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31a0d64a-5573-5a2a-8930-cb5f038d336e", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bc0d59c-578b-507c-b30f-249d9a9171fa", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86012e73-912f-5859-914d-bad30e555d81", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b907faaa-5140-55e5-9755-5c97bd06e2a1", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.8.15.tuxcare.1 of org.springframework.security:spring-security-data." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-data@5.8.15.tuxcare.1" } ] }