{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:efb882fa-bc2d-5c95-b6cf-1b4a164511f3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-messaging", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:78417482-c20d-5822-9dac-9cb23d739609", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:264ed986-e8ec-55ae-81ed-cb63d7675575", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8339a704-3c6c-5a62-9457-5c6e563b6c03", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1744e213-39d7-5f84-863d-fef260551f0c", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f7e269b-e6a7-5218-8b41-c9dbc3430bea", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bd744b6-bcab-5dcb-9c49-3948e9e0fb80", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60247700-7935-5321-9766-1bf36b9c4bb5", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e9d5e2f-3ced-5ec2-a5e1-81b918769e67", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0aeb0e34-7e88-5008-a8a3-ae55a784f2bd", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f18eb6a0-88c8-5b07-a6b8-ceecea088c39", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00196745-ed2c-5346-bed2-ffa4b61c9c6d", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec5a0d6c-b94d-517d-ba2c-fecec5a570c9", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:239caeec-5d69-5c22-849a-2f43ba34b53d", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@4.2.12.RELEASE-tuxcare.1" } ] }