{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:175aac3a-1b62-523d-ad37-3b76c44e96a9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-core", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c9ffcc07-eb54-52d1-9efb-3d20b6bbfbed", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ae20c71-d15b-5b33-b6de-6c725b58e58b", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03e63ac0-1cd5-5d4a-bdff-4ee1a06cdbd4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27a72af9-bdd0-599d-b729-2accf6e0cac5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:598e1521-cad1-54df-9e61-fdbd4d02e1c1", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18991a3f-45c2-5d25-83aa-22fad9d81f69", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f26ab54a-4fd6-567d-ab86-1fa1b3abd775", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e121a9f-8414-51d8-8c24-580d787ab45f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4b06fcb-2c58-593d-b277-db394a6c17de", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a52cf883-02cc-5e96-918a-e72d523914b3", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c68d2d33-e148-5beb-bcca-e9ae91521226", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2f9916c-044a-5ed3-b7a4-9749e101f9fd", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f5ecfa4-31ca-5022-b36c-892d75e66104", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-core." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-core@6.0.23-tuxcare.4" } ] }