{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d6eff43e-463c-5224-99e8-a9773524f888", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bf09fb73-8cde-583b-97c4-0a60e0801499", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fbd1311-ab3d-525a-8b4a-f20e59b961d8", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe199417-7526-5f39-9a7f-1b5a596b2135", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e0d8c0b-a4d0-5540-961a-638011c82615", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27c09359-6ac0-5b57-ac67-37b290ba7dd4", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83b840af-b28d-5304-9b84-5b6f4b9fdb7a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6a227c0-6948-5d7d-9401-d89fb0dc105a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:222197da-5db1-569c-a299-4c9d9228bc66", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69620f5d-ae67-504e-9f0a-2324e40c8b88", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3440ee84-f62d-5a5a-bada-a8d08f4c8b89", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45db5955-a51d-5cc4-8f63-dd9455b56848", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e375b5bc-5b87-555d-a343-8f9598e343b8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f7b139-95a3-58e5-97ac-f815ab0bdb12", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0edee87e-32f0-5b20-8051-7ae0f6db2265", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd2c961c-f673-5371-afa6-7794d36f3f3b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d01f7442-29db-518a-a1ff-608578ae0321", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0fc49ee-b914-5e8d-a879-54e88bc809bc", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-core 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e32cbba4-e374-5e4c-86d9-7d3b70cf8191", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fa46665-a110-5c77-8295-2d0d615bb5dd", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f3ad45e-7159-5b42-a658-b9b25baf483d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a540a128-984d-59f9-9971-ab6ea4cead4d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2261648a-d33c-597a-8a4d-b0ab067dba10", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:151f3ff6-a183-5fcd-9db4-718d75c73036", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43ceb753-7405-5bf2-af14-ae8e3dfe88e2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8888df37-f916-5526-996d-92df09e89cf2", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd2b652b-d85b-5d71-93ed-04ef201e0bb9", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a276bde9-66ba-53ab-bf07-d7934be8607d", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c818e1d-0dfd-5fd6-9b41-a566b5514d50", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9b917a5-91af-5bef-81ec-5743e01b6ebc", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.1.5.RELEASE-tuxcare.2" } ] }