{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:12ea4e67-8ddc-55cd-89e3-0801c8e20e99", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-cas", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:15c05fd2-67f5-5207-879e-fb7bac5caf9a", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a16aed5d-6e4e-513a-809c-68c67657505e", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee033e8c-bfcd-5743-b8f0-1bb8273f40aa", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c84bb43-4209-5ff9-8797-86b79b64e1b1", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba9767a2-9764-5bd8-82a9-c74ff4177f1e", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ceaec48-b130-530b-99c9-bbb420cea7db", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3fbbd4c-95a0-5cb2-835f-d69057adf190", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cba802c8-63e2-5df6-b675-c24958880d70", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd6e3f75-df5a-5a7b-ac3d-07a8f8f6dfd3", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:348c96dc-718b-5e17-b75d-babfe88867b6", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a313a17-622e-5f7a-898f-cb84840c86cf", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08842a09-cad1-5373-971f-c542d338d740", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:768a616d-34fe-5860-b120-2ed15b60e25a", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-cas." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE-tuxcare.1" } ] }