{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f28d05a5-fcea-5cf0-91b9-84daff0ce090", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:56a92456-926d-5548-8ca7-75a460378f76", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cf61acb-a072-5f8a-a97d-1b2442e59ba6", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:288076a4-3193-5e74-af59-a256e37ecc26", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7220910-b699-554a-84e8-86d42827e577", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1e238a2-705b-50dc-b6c9-dc198600bef4", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62a17725-864f-5f15-bb30-db943dcc8ffb", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bd4d71f-d833-5841-9e77-26ab86aae5db", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0694bfe4-6cbe-5ecf-a916-6d1e1ec953f1", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0df2dd7a-c2f6-59a2-a2ed-236897f2ada8", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2856a30-cb8d-571e-9da7-5672d7784aaf", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c73fb49-862a-54aa-b1fe-390dbc5401bb", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f181d839-612e-585d-8726-b201e62fcd79", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7470adf-ba81-5d84-abc0-fe44f1b1eec0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99e39ac6-4628-5506-8a68-7cb9455b8f2a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bc84dd4-9569-5a1c-97d1-8daff1c70496", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68d81825-9935-58f3-b2be-052c41f86a9d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:addf9368-de57-5f91-ae73-c90103013b9f", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e065d10-eaaf-52b8-b360-d28155332ebd", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f228bab1-f466-5649-83ff-4a1fa1655dfd", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:670cf844-fae4-5c54-8a28-a50306be2f0a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c89b100c-21db-59a4-ac22-c63e8901dd52", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75a25335-59d1-57aa-b175-6404d63e9439", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1998042-60f9-5d0f-bf97-a9b9ace99ed4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:435f6ab1-e12e-541c-bd78-d4597606023d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66bef98b-1c2d-54e2-a79f-9a5f813ff9ba", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fe91814-7b04-5fc1-becc-bc3c21ccc741", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0092e2ec-659d-5801-8e7d-721b7e333956", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b76d4f4-3b12-5874-8022-19e1809c0ca7", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52ff4daf-6bdd-522c-99e1-c7b63ab3f09a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed78bfe6-1488-553b-82e3-bfc7e777c93f", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@4.1.7.RELEASE-tuxcare.3" } ] }