{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8f9b3a67-0860-5540-b2ed-5fcabae95b80", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "5.3.27-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae1fbe5f-da97-58af-91bd-100263117b79", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9aa74530-b566-586d-a3fd-968b604c940c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:310fe1ec-f656-565c-bee9-c428277896ab", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50379af5-d550-5905-b6ed-43544923a34e", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:926467c4-0ba1-5e81-9487-93eea19e13c7", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:070bd474-a603-54e3-891f-f11b430b8257", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:730040cd-3b34-5be4-97ae-6cf1142d74b2", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2caf511-3b18-55b3-8570-5d7addceda19", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ca9b7c8-13ef-5d86-9ac5-3b0fc78071c6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffb3ab46-3a7f-5808-952c-7608ebe015bf", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:144a5a91-6e6a-583a-aa9f-b6af4421cfca", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60bedbf9-07c3-5418-8759-ea2ee4c0e52b", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-core 5.3.27-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ef35e6a-120c-5a4f-8f87-1b51fe777ce6", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6802df4f-0d42-5a38-901a-f3f63cb3eb95", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da9c65e7-3f4b-5b2f-abd4-ba9e4757ea9a", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63dbf9be-5ebc-5910-ab57-4c322cecd3dd", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43fe1392-c1d8-5649-9801-bc20f832b933", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c71b29c9-ba62-5b81-b047-c534eab65101", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfbc9da7-4d62-5c85-b4b1-c7f33a5604f4", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cfa57b5-7db2-5fb3-a082-ce285d0c0223", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.27-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@5.3.27-tuxcare.4" } ] }