{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:89e27580-4335-530f-a317-20898a16e0d4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:af25f5d6-90b6-561c-b789-d374542bae0a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88b97f2f-b3ab-5108-997d-0e66ad93c481", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:866e5e06-38f1-5235-b7a1-b9f2cae8ea8d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a45fb7b-6c76-50de-9fdd-a28353ea341c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:956ecc41-af70-5208-b242-cd1118c8145a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:592ab70f-b3ae-551a-9ffc-b6799b1c55fa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a611c79-dbdd-5893-8e18-bfb0e283da24", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06cf1ceb-0b0d-57eb-bd96-ecf444c6dac6", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65aa5526-90cd-57ab-afb1-cf5309408343", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81d6e471-14d9-50d2-898c-3fa7c2714450", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ebd1ccc-3001-5cf2-88c7-5e4f5af8af1e", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b52ff00-30a6-54d0-a657-bc623b3ad8e7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9bd17d5-a5b1-512e-99e1-297163f18ee8", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0ab89d7-485d-5b51-b064-f4ee9ef94d1d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fef04f19-5be4-58b5-8eec-bdabc1a4135d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:088b9e3b-f674-5f7e-8b8c-97ca859ca30b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39212a6b-ee19-5f40-9f47-bc3e6bba44e1", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2713a706-1f41-5a09-a3f7-9a00242af51a", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2415e785-0f95-57ce-997e-643242a8cb46", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:709814af-1fda-5f35-9a67-5c2437c67c8c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeca5765-27c5-5748-83bc-716d895d55f0", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f7fc221-f037-578e-9b6a-ee3e7d8761f4", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78a45934-87dd-5ccd-aa14-194b8af7d33d", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01e267c4-0b40-5967-bbaa-bc91a5c0bd22", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.2.13.RELEASE-tuxcare.4" } ] }