{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d172b02a-e7de-57c7-b5da-259f97fe6e41", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cdbb816c-dd26-5f3e-b34a-59cc962e90f4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3584b98-a2d9-5080-ad78-310bf3929c5a", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17c45fcc-da47-58e0-a196-c2bd16ee082a", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb3f2d02-0636-54c1-a593-ad93c4fc119e", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62926486-6d4f-526b-a6cc-e01965fc49fc", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce89a562-6c48-5acc-9438-7333055e1e38", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08589e9a-d798-5156-abf8-164017fc3f6f", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71eda74d-4cc6-54e6-9e27-47955beaa6df", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9274753b-4df1-5eb3-aed0-dcd1baf6e388", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2942df5-6871-5e5c-a6bb-258fd957222b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61456786-74d0-5dc1-a4d9-231b0c401b97", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:160025c5-f638-5750-a79f-923bd38901ce", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1920c6ff-8675-5c96-ba4e-cb7935926920", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c05ab34-8183-5f85-a654-12ec2b92e6aa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1564912-7e5c-5973-893b-c47261da8106", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06e8509f-45b6-54fe-a837-72a5af8a9b9b", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f801c6a7-b6f0-5e0f-835d-d6cc8e420f3f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31bc489d-d947-5720-a7e1-c789c50378bb", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b7b0729-0f79-5e18-8ecd-b2d015a9ac6b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fec8711-0c05-5e65-b235-23c8bc1469cf", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e8420de-c635-5bb5-99c3-4095e3cda6fe", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11e7897e-14d8-5633-a58d-2f0a59d176c6", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74c608ab-7dc8-549b-bf8c-528845f9f917", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb9298a6-301e-57ca-900a-821c6b848678", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:485f35bd-77f3-5a92-b5b0-2caea302bcad", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a52124b-65c0-5853-8909-c0cc7e4d6925", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d5643a0-5aa0-51d3-b391-98d0080bd1a3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69035c5e-df5c-5ec8-930e-efbf5d64b5c2", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@4.2.9.RELEASE-tuxcare.1" } ] }