{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:933378f0-27ca-5bc9-9136-7f8343ab2b90", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-bom", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bbb1d5dd-818c-5c87-ad78-9b626ec08221", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c819cb11-fedc-5427-9ebe-4aeac1c485bf", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d25db1a5-85b8-589e-bad5-7b638a266dcc", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93283569-cc50-576f-9e89-4ac0698edaa4", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b81d710-3187-5264-b3d3-ec7da38d2e4a", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f0188cd-6d4f-5661-b425-b96c7096aa83", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dffe7c74-9e38-5baa-a4ff-60efa900442d", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b32cb241-83be-5d25-9d43-9709407b1aa1", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa4942e9-6f56-5760-acae-3c55ed1d0c8f", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a7323fd-3d9e-50b5-bc22-9faf47c8bf83", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4199a15-7522-593d-96a1-49bfe568a533", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c4a166-0a92-5567-8c4d-b15f4b234245", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2da762c5-8b3a-576b-9427-6189284b2b6e", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@4.2.12.RELEASE-tuxcare.1" } ] }