{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ad2a7859-5e9d-5693-9333-bcefa34a9509", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-openid", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2410c4a0-17fb-581c-9ddb-5bcfc57e9f0c", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7808d526-b871-5507-91cc-ee7e7c8d84e5", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a44ac4de-3abc-5b48-b337-d464f0576494", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5df728bc-e043-5fb4-a5c9-3c09a059b36c", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:849b5c9b-019f-5745-a960-5ebf98b5c9bc", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68b860c6-13d8-5f1e-a031-ebb95a8c2346", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d796a171-3bab-5389-9cd7-47f3cf2978a9", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9afc144-3226-553b-a4d3-6d5873d70536", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5cc6789-6c5d-542a-821c-0f87cd2e8744", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e165064-2c3f-5e88-a0a2-d3ad696a8cf9", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca7be0f8-b794-510a-9189-d71818f70d0e", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c4cc6ab-35d5-5e6e-8b16-f75cd76ad8b3", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c7ea21-72df-56d9-99f8-c3e217414a50", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }