{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d26b23d3-78c4-50e9-817a-8b45737f6fb5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:24e03de5-cbc2-5c5e-bf67-d6ab288e4ebd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b0552a1-de99-5d2c-956e-18d32a9db00c", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20d2afbc-2636-5569-b976-e2983b0acdeb", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:689132ff-4e00-5917-bf1f-511652f960c5", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91c8d285-878d-5524-bed7-70123ca4e77b", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b19a8a5-5ff8-5299-b2b1-6e1bc6a6ca63", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3699e7dd-8879-50f6-b0d0-79b7b5bfbba8", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29b71e0c-01ea-5d03-95c3-a86c1b132aac", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5eae0dea-ea4a-5319-87b3-994aed5a0acc", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:890eebbd-314d-516d-a5f3-f8f5871cd610", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea889ec2-99ec-5c6a-abb7-7241e99db638", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a81b2fd6-ca76-568d-95e5-545c700fcedb", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca0cfa7e-1406-5039-a4ec-5f6d1f677bd5", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5066d2e7-ce11-5918-ba5b-eb15b1df9db1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6fb1db6-eef1-558e-844c-29b8880cea84", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4e7b8e6-1adc-5498-a778-1576712acb67", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:280e3c71-dc10-536d-a692-e7e39999ab77", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4393e081-23ff-59f8-a1ff-213a33abea5f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d27b1a2c-b23a-5183-b6ec-a161b9db8613", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-core 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9b5eada-4c91-5147-8913-9e2f814d425f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4cc0f41-7b32-5e3b-b8e4-7b253024ef83", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d16a69d0-a4e4-57a0-a00a-32373223ddbd", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf0df6ca-c836-54f4-8e9b-f4d964de5c4b", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dad347d7-a8e9-575f-924a-78a452a5f02b", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-core 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:883de3b2-1907-5944-8176-b699f1fe18be", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db444bd8-d80a-5377-9fa1-f1e261cc3b4b", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc49cf0a-9dbd-5fe0-8d9b-d1dbfa72cf4c", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73c295ff-a664-5bfb-a652-f9ea6bb21fc2", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.0.RELEASE-tuxcare.3" } ] }