{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c7f41c0-aa6b-5eb6-b8f7-8b6d53effb56", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-crypto", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:542a1c00-2889-598f-8a84-52d0f8a6414d", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12e8d64a-531f-5d1e-8ae8-757ab8d0d583", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a90daa4-3d2b-5a51-a2bf-8bad0ffa48f9", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:637a615c-681a-504a-a95e-d83e9cc39da8", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15bc311a-daf6-536b-ad6f-a3f0d9c75dfd", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f037dd6-989d-51c3-b74c-848e90a20a02", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7a1adb7-e697-5e8c-b29f-e026c42250c9", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87251ff2-7e49-5425-85db-448cf5737904", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e395fa3-b691-5537-9300-e3c0b20f2861", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62a22fbc-24dd-5f99-be9a-5e35b36db694", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c272c93-1b36-53a6-a655-1bd63fe08ac8", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3e28489-cf64-5d5b-b755-4c4bc0b37688", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-crypto." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-crypto@5.7.12-tuxcare.3" } ] }