{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:755c5824-2559-53d8-bd15-00e3b9597829", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0224e1f0-f37e-5c86-88de-1c4dfb44381c", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a49e0b3-ba7a-5538-b0ee-af4a0657d283", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9bcbe9d-84ff-581f-b267-eb231c003439", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8706aa36-0383-5ba8-8f72-7026e83131ec", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df5531d7-e0f9-5c5d-a8ce-aa0919fb84bf", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:846b3107-04fd-55e2-b3b0-1302f68fbffb", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a050cf6c-6725-5fbf-96e7-bb58dd1e256d", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3931f488-0471-55df-aa43-b0b234bc990d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:116da162-57b1-5666-ab19-727f2c849695", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfda3fb5-28a5-53e1-823a-b87bcb0febb2", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20931e24-e1a4-5bcc-8d23-14372bb16efe", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:001a1db1-7aca-5cae-a8bb-91d1cdbe641f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42b29612-d12a-58d9-a6bd-ec2eab14937c", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:011a7446-8217-5520-a3a6-9eeffb97aba3", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71c730eb-a87c-56f8-9bfd-96bf0b092d4d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:efc128bb-2a88-571a-aac2-ca102f7744b3", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9be37c1a-74cc-5373-beca-3e85a19bc1a4", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc72a812-0a28-53c8-84a5-e0a17f56bee1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7a8705a-1f16-500b-8e97-acab838bbca6", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63e4ce45-c5fe-5279-b0df-d1a0ac20fe77", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:330680a6-12de-5a09-85e2-75e43d968c9c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c17455d6-b44e-5b19-902e-f9e19d70bd5f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9265a553-a3c5-52f0-92d7-64a84fad3a24", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca30378e-252d-5eaa-acfc-91ea4fc3f718", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d7ee116-5187-518e-80a9-08c5cd93d6d9", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a22a5c49-3b6b-597f-ac4b-4c3b3b8e8cf1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d68c96b-b33a-5dc3-956e-55ae104eb086", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22112331-c4d5-5387-a587-3a7392e9a54e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ff9ff8d-ad19-541e-9778-2750d28fce84", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4da003d2-f69e-5023-8aea-24716a37ec60", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.3" } ] }