{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2eb6d4d7-5d9f-5f6d-ab4e-228f8c3efe5d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-bom", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:92061925-0789-5c6a-a0ba-dcc6573f218d", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16832088-eb31-5e16-ba9e-ba189cd0ad49", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8e924f5-c18d-5072-9f95-96d90ed6c6a6", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb145acf-82f0-5c6a-933e-64ac0b5e2307", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a86056a-fa85-55ac-9054-a57419c1ca9a", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e093f34-6647-5091-ad5a-b156243d731f", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af0aed7d-bf15-5935-947a-09e398b1de92", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5393c84b-d165-5e54-9d0d-e4f6e5471f0e", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f57ea664-8788-5154-b197-2dad32faaa62", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85def1df-cb75-5038-b868-bfdf5bb829ad", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cde722ba-c721-5e26-84d8-9b7cfc2c0d4b", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7476f1d9-c719-58c0-b416-2886d9703c92", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-bom@5.7.12-tuxcare.3" } ] }