{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cff07375-6975-51f6-bc29-9c4f6cfd1f95", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-core", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fdd14433-6701-5cd4-be04-b1b0d70a7203", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32d88637-36f9-5006-aeda-4323449e3145", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dc608bb-2449-5502-8562-e9e93f09c29b", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f680863d-32b9-5a3b-9975-4a08894fe3b3", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01451867-6fdf-5f55-8cc3-d795540cfbfb", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97c8327a-02ff-5d13-bb71-6e62a7d074c1", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3e11ba8-a56b-51a6-8082-3075febe9b4b", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3de34f1a-ca35-506a-86ac-95a29a2e9f2d", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8283ce4e-b565-58b9-a84e-1b07249d6eb1", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6149e1bd-2f7b-5e38-ac3b-5d4ba2d00020", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ac46aea-4474-5b08-b914-0c8696fa1dcb", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00b64f62-d8dc-5882-abec-c0afa6c34e74", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-core." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-core@5.7.12-tuxcare.3" } ] }