{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab4c3efc-0395-506f-a1e0-5e2df1bd08a5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3", "type": "library", "group": "org.springframework.security", "name": "spring-security-openid", "version": "5.7.12-tuxcare.3", "purl": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:854aea7b-902d-5d88-b092-9ff306463bac", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:67795853-e0c1-59dd-84c4-569643ecb832", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61c53d23-d7e1-503a-bc2f-5fc35926370a", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eef137e2-1bbe-57a9-bd79-928ae7c9510e", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfe0024f-31b6-55ad-864f-1bbb9ea39c9f", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83a80207-0ed4-54d2-8249-3fc96437afdd", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce370074-2dbf-5445-9b15-8885753f1752", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9fb2b17-c3a2-5fea-b947-5e4bd07794f8", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cddf28d0-d5fe-5277-8d63-0b75c7b5460e", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f2bd992-0f87-555c-a8b3-a8579edbfa79", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:518da6a6-80b7-5508-95ae-3b5ff3d50788", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c79e20e1-7a47-56f2-a987-4b44226dc7ce", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.7.12-tuxcare.3 of org.springframework.security:spring-security-openid." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-openid@5.7.12-tuxcare.3" } ] }