{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9f379553-8f7a-5e75-8897-547d78c20609", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d8744120-5a30-5dc6-8506-1cd554a905fe", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77b6ca1b-fd8d-51bf-970f-6531e7f80e3b", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63ca59a4-9a4d-5f13-adc3-eb79a65d19bd", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e40fc3cd-6380-543c-9a5d-a6a44852798a", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:491481f6-9356-596c-89fb-93b5cec5f549", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d16ffdc6-75c5-5caf-88b3-98b29a2f9ed6", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a48a4ece-ac28-5164-94bf-3615584cdf63", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a73a3f0-79a0-58ac-8f2f-e2bc109dccbb", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02b6b9ec-cb40-5f3d-86ab-452e1bedf40b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd89a995-2fbb-5c71-83cf-dbdeb210f643", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:166d2a64-94dd-56ac-b82f-4b6c992b4ff9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7de5d3ae-4f72-5d26-9ebc-6e3638204861", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd472d79-f0f6-5663-8483-9becc18253d9", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:121f9e5f-5e4b-5b56-b38b-8784312f7978", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4396b24a-d8cd-50df-83e7-2a6b0f4fe5f6", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45701f8a-a31c-5e70-aeaf-fc873f3fceb3", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77dda895-f380-5f6f-9622-b9e37ca0b1ae", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7957a6e9-3cf8-5eee-aa3f-776eedd2897f", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:697ae2b6-fcdd-538a-8d3e-1b7f6bfd8f9b", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b270b441-c779-5aa0-b253-1876d1d9ad7d", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1241c2b-8d9e-5e86-a4a2-ca9cdd79804f", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7074805-9d38-5d86-95ea-c7b6fd088fe5", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.24-tuxcare.2" } ] }