{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a4fa4feb-8263-5645-adb1-27a00f093bcf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:baa69dc1-e412-5f03-90d2-a21e8549c2cc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:141c6380-d978-593b-9545-703e4cfcb69d", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd9f7705-4652-5a67-8a05-c3a2f3dd510b", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:942b532e-e76d-52bf-98c7-180be5230812", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71ec8638-16b8-5014-92e9-9dd689cf5dc7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3ca9b44-a055-515f-bcaf-0a50e45dcb8f", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e237f12-948e-5f0b-8255-17838fa6b106", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dc1b1c5-64f8-5697-92e4-ac7a57cbe2cf", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:430266de-e84e-5f00-bca7-cce93709810e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00ba07b7-d182-5256-a89d-bc92841e2058", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13ba62f7-9ee2-5fad-a6c4-0fbc6186c600", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:876de8fb-b79e-5833-9403-e8370ed67871", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2915e1bc-d01c-5dd0-9555-fec9e8bc91f3", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67e62de1-0ab7-5805-9c12-b786acad7796", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b38d2dc5-9385-52ba-9751-c18d6370798f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89cb9b47-5400-5c14-bdf2-9aa1df2de58d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba48a85b-4725-5fbc-ad21-a31a2f0033a4", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ded7a20-c357-5fcd-bb9d-25d892783f33", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:855ac42f-0fc7-5bff-bad2-da5022f572ac", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa67c4cf-ca9f-5c17-a907-c1a6410189ca", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c40fc2da-607e-58b3-bcb1-c2a262d60948", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:575b6041-0921-54db-9d7a-32dd779b6925", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa8e880d-51b8-5d3a-9797-ad935c90ba93", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a08740de-ab4f-582e-80b3-ff554f26a422", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.2" } ] }