{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cbd4cc92-3746-5036-9b87-795da01f8cef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.security", "name": "spring-security-openid", "version": "4.2.12.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2410c4a0-17fb-581c-9ddb-5bcfc57e9f0c", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7808d526-b871-5507-91cc-ee7e7c8d84e5", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0a061f1-e3c2-5965-bc14-658c196671bc", "id": "CVE-2018-1258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1258 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a44ac4de-3abc-5b48-b337-d464f0576494", "id": "CVE-2019-11272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11272 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5df728bc-e043-5fb4-a5c9-3c09a059b36c", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:849b5c9b-019f-5745-a960-5ebf98b5c9bc", "id": "CVE-2021-22112", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22112 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68b860c6-13d8-5f1e-a031-ebb95a8c2346", "id": "CVE-2021-22119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22119 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d796a171-3bab-5389-9cd7-47f3cf2978a9", "id": "CVE-2022-22978", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22978 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9afc144-3226-553b-a4d3-6d5873d70536", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5cc6789-6c5d-542a-821c-0f87cd2e8744", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e165064-2c3f-5e88-a0a2-d3ad696a8cf9", "id": "CVE-2024-38821", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38821 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca7be0f8-b794-510a-9189-d71818f70d0e", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c4cc6ab-35d5-5e6e-8b16-f75cd76ad8b3", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c7ea21-72df-56d9-99f8-c3e217414a50", "id": "CVE-2026-22732", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22732 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9f5c874-0b1e-5989-9fe0-d0d3cd4c8b5d", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eeeb976c-cd19-5968-b58f-edc0fdb62347", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e68eca75-d250-57a8-92cd-2f4ced06184e", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:969967da-b73c-5362-b9bf-e198b15d3a2b", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 4.2.12.RELEASE-tuxcare.1 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@4.2.12.RELEASE-tuxcare.1" } ] }