{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:42b5af45-6a40-596c-afa6-97b8cef5d19a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-config", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:808b475f-1838-53de-9223-7064a09d8adf", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4c9c2ea-15b0-557e-abab-4d9555504515", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd092ea0-7f65-5ece-aa0c-1c2a14f963f1", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9bba7ea-9d28-548f-a9bb-e36dbe37a172", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:086c9a3f-bae0-54e3-a1d0-cc432ed92cc1", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:034389e8-c65a-579d-8d77-51351cbefed8", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df606292-7e05-506b-bb49-0b8bf4cf429a", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00e10a7e-42cb-5739-8c79-7b44398470f1", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:363cbad4-9520-5381-9071-03b53341c48f", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcb0e493-0ad5-5f58-987d-ca232dc60446", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6d0874d-917b-5824-8d56-fb7cb4966884", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11611772-bffa-5461-aa2e-fc2a859af3d6", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-config." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-config@5.7.12-tuxcare.3" } ] }