{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed08680a-6daf-51b5-932c-a559d127d77b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-acl", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:458edf10-26d2-5437-9244-a4997c05d5d4", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2afb622f-2150-5e73-8823-dbac1eb68c9e", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef75656e-4215-5588-9d16-8d68a789c0dd", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d2da1eb-b090-5300-925c-bd8f0b5ab783", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1490fb0a-d79d-56a3-8d11-c25d257a5899", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1613ff9-3ed4-5330-ac4f-df7ae59e3d3b", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6e26dfd-42f0-5ec8-81a3-bb527db9124d", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:617c0722-87be-5fe5-ba4e-8631eeae4368", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:278efb97-b805-5755-89e0-553c9ca53068", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d74a246f-fb48-5471-a570-fb9d87ccad64", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0264f0e-cffc-5484-82bd-cbbd383eabf7", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:826751bc-afb3-5a5d-8168-3370d69d8494", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c78be992-1d11-59ee-ad3a-fafd3b9789cb", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-acl." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-acl@4.2.12.RELEASE-tuxcare.1" } ] }