{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:03ef2a1e-522c-590f-8369-d5a734e11d0e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b916e79c-82a2-530c-922b-e5e1c9966fb3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73ca8abf-a826-5ce1-83c1-5557b6ce0480", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dcfdaaf-612a-5ab5-8974-f54161228c53", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d67240-8700-59c4-a73c-5e9ed87f18ec", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cb210b8-7f44-5d13-8a91-3ecc1d574440", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47a4fc45-9357-514c-a214-71d88a4284f3", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bff0b7af-b1c3-5f71-bcd8-90d885aca7bc", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cfe7c3f-84d6-5d10-86ed-2ec86f592204", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c3b8db6-a154-5ca2-9fde-9aa4966d6043", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7616bcd1-2605-52f0-b66f-732414d45932", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94f57bdc-d5ba-599c-816b-5820939c48ec", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9299d09e-3490-5013-bafe-88dc43713724", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ddc7f64-c34e-5800-a097-cc0983dddc32", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187240f2-7f58-5074-a251-80273dd0a209", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a4e5692-a917-57bf-b1b2-7651039f3bd5", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8563c3d-d95b-551e-bf59-f6bb8d350dfe", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec39b716-0eb0-5858-bf5a-454289caf58d", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-core 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eee0c1e5-95b7-55e7-a0ef-71b5b6be3e63", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e481a8fd-0013-5dfb-9f38-fe4b3fdea65a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dbaf497-7482-523c-8f19-ebf2e8dd1c3b", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bb4a954-ea9a-573f-8722-461f1c8ba188", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be08c372-7bb3-585e-a914-21ebe3ecaec5", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76997748-7192-527f-890e-5d40dc3a368c", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c85fe490-fcc7-5282-bf67-c21fe4ede667", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7677eb49-45f1-58c9-bd2d-66308d5505a0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aafea23-bd47-57f0-98fe-1dac2b15038c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88d8b2fe-0d5f-587d-b6a5-439ce35a96bb", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:619488dd-4a57-56a6-a963-0ef33ea07759", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d658ad1d-96b8-51d2-aaa4-3c3a1327aba8", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.1" } ] }