{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c75ef5b0-41d1-5ab8-aa52-33750ab1974e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6a816e52-8fc5-5e89-b2d0-9f20b5bb9412", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:180bfbef-11f9-52d3-b051-d7d45738f87b", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16a81bd2-730a-5d54-90ad-9e27cddb35cb", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cb5a74d-6d57-5a2d-8367-f9dcb0e66ebc", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22f3315d-72b8-5572-8bef-580ccf230719", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35b8a25f-c31b-5223-9ca4-487352144fec", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b19cb98b-2087-58b1-a338-a3943674ffe0", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de99075a-e80a-5d97-a507-bce0f04dff00", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b59e5634-baab-53fd-9889-7b0ef7e11d97", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ac60ce7-7547-5c85-bef4-d6b80e28b9d5", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aa0be53-7171-542d-aa98-d5791628fc23", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6eea25af-03e2-5162-be40-7aa12b06897a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a3758b3-c012-5c33-99da-0f946182b0c2", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a5579af-578d-5a7a-9d9f-52f6be95a147", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3573bd3d-3152-54d3-8f52-089eb96f4820", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ee30f93-81a7-588a-8ecc-80b17470655f", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-core 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e9db52d-3926-5bb2-87ed-75d9c21602a9", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-core 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21428833-4bb1-555e-a7a8-aea9cf8a585d", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-core 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a95ff80-06a5-52b2-a16f-f7769d01f84a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:863c0071-91c0-5bf3-b77d-f9cc1b97077c", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93427026-2d69-5eb0-b68e-78c8eb546989", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:772b030f-0cb3-5138-9899-73ff88ce10a3", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0a245e7-e4a4-5e71-a957-adecb7c0b978", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81f80a83-02fd-5f74-a52e-9dd1c9607ba1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5b758c0-6d7d-5e63-9089-69a2ebb4873d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:855df2ba-5e68-5ffe-9e5d-5e28c2915647", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fcfcb89-3fa1-5219-8347-dccf39349606", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2920352-03ad-527a-a57d-5045951092e2", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5354619-1747-59d0-9927-4e3df45dd320", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d35b325-d90b-5863-97c9-a7a9743256eb", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfe87245-0836-502d-8b69-2e32cdb14d9f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b5810a8-9a1b-5066-b927-e80435517380", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5af531d2-8f01-52ef-88e3-e12d7d279bfa", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e570e1d1-04fb-5f9a-8c16-f74da2da8a74", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9ad1bc2-5ed9-5a96-8e7d-8ce02a06d192", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:325c4b41-eebf-5f07-aa8f-a0c97d22dd5e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00dddd3e-95fb-545a-a038-d59ed1fe93de", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5481ff93-1446-5810-9f87-04157a1f86cb", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be5d6e80-60fc-550d-bc6b-4d999879b5c3", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc17e189-4be6-55a6-ba3c-f427f1468de8", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-core 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdd4215e-988b-5531-a4cc-1fd49e97709f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f7ff288-6a72-58e8-b0ad-f6f2c04961b0", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48ea47a6-d2fd-5c49-a14f-674f50ff2496", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@3.1.1.RELEASE-tuxcare.2" } ] }