{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a52962e-7763-56a7-95dc-fb992ed0a719", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-crypto", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:92ec1ab1-d46e-5b9b-b583-56fbf76e9ca9", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dc5e7af-174d-59ce-8cfe-ac196336a815", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:656ef390-39e0-575a-9d89-e8d2812ce578", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55a9c56b-e68a-57f3-936f-2f11c9ad8412", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7ef69ae-fcfa-5e56-bfbf-af071a3c69ca", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3e1b514-a338-5a61-8c4c-49130a39e240", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:924ca547-fd9b-541a-913d-a597bc2c0d80", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aee2a73e-b63f-540c-a287-f38bcc15a08a", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a3eaa87-d147-5e71-9c1e-361baf704bbb", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52e20600-5410-5baf-9aff-43f1fd576b56", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a07c112c-89fe-53cf-99a3-fe7c16168e41", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f67212e3-f90b-58a0-8f38-3895dc672f8d", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9803859e-6f66-530b-bc2c-7461436cd026", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@4.2.12.RELEASE-tuxcare.1" } ] }