{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d8f39583-5e01-5cba-9b24-593413c34f7a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.2.13.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c9a40cef-fced-5ff2-91eb-9d139ae1f8c3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcf5997e-e3b3-5e3e-965e-30932bf1acda", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c3b9ea9-53ca-5fa9-8542-ae43d7819c39", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4881478-1b01-54a2-8156-4aa7d215e584", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3496b821-6859-50f1-ae5e-27cfe822db08", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4c3b77f-8de0-5a33-b9fa-5688a62a6d04", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7dd0f916-d1fa-54cc-9a52-12e77d7d416b", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3634ce92-8430-51f3-a58e-dbcc53537f34", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50e50691-c8f6-5a8f-bc33-f39c00784293", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d97eeb9-f5f3-55ff-8efe-6d4555d89857", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d213f4d8-0525-5e7b-ab21-d0fddb2dde8b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7eec29d1-95f7-59fa-b529-38fab0ba2f60", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8eee8b2f-78cc-57dd-8187-3219bc2b50fb", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe3d21c2-7620-5936-bb8f-be446c51f85f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a721ad6-3506-594c-8b2c-09b2369d5348", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7cddaa8-741e-59c6-b643-f44f2e8bbd93", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc04c1c6-46b5-52d2-a6f0-620939efac9d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58f5a4e8-69e2-5a31-b3fd-33182574453c", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10d7ef6b-74c1-55f3-a857-8e78a869354e", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0feae684-8a3c-54f3-8634-f53ba12cdd5b", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41067a90-6500-54f6-81f2-a99a039eaad4", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f02feaf-6db7-5b50-8de7-74cf03da9d58", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f23c500-a445-557c-b350-2173d23b1776", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac9a6550-53e1-57cf-af5a-f5b6c4873637", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.3" } ] }