{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c9c4a875-e56f-5923-839c-a88d6c86ac01", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:04d299b7-586a-5f5b-bf71-fc8cb8eb46ed", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96f9fcde-251e-5923-a9cb-9c05f7b997dd", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93900d73-eb8a-510d-819d-671b220db0e4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:155625bb-2fa3-5131-b0f2-069455a401cc", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8c7f935-9af0-5560-a863-ae500b3c8b1a", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fede5a2-2188-5772-b9dc-297fbe3a91ef", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d96ded5-6c96-539e-8842-90b476396fca", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65786016-c507-5773-9ee2-63d058b2668c", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ef44dbf-b787-50bd-87a9-4fb6a9dfe608", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d025931-a7e7-592d-8a66-21e921527a64", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c50e54e8-5e44-575e-a4d5-54c37b1b0c46", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc4a0f53-7c61-520c-8602-d6c344526002", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88eda64c-ca2c-5b32-a053-1ef9bf822acd", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.3" } ] }