{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fbcc7012-f2da-5249-ae8a-a8f8f9cfa71f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:38688cf2-3e3e-5537-9253-d0bbcb13ebd3", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83957dd9-a260-53ba-abf4-dc9a506653cd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e17b3ff-ad84-5345-8246-47990b4cb0d6", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63d53192-3b1f-53d3-98b3-09fd221d1328", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89fefab9-a979-59f0-ad61-40ca36e52b1b", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b6f640d-8a7f-58fd-9c58-ef4eeaa2f2c6", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1266a487-da5e-5c31-90ad-be947f46d0d5", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0655e2a3-d499-5400-a84c-0a71b208c461", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e84e3df-7c4b-5922-8a26-82e792c3f9cf", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbdbd1cf-b770-5faf-b416-16b4bf38b9cd", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a34600c-3ee1-5325-a5a3-44296bf8adbb", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6c21020-8a86-531b-96f0-87ae12161916", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e9da4e3-bf7a-542b-a23f-a773f7cb7156", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b58c22c4-09fc-5f75-85af-f4455e8c06a8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dd69ce9-18b8-593f-840d-d2d11f52f123", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3017129-5afb-569b-a74c-79545a0ffa7c", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93892edd-32d7-584e-b215-937bfac9ff8b", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57e13c73-b9b0-5220-8559-e61949747e3a", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b69e93f0-1a2e-53cc-a3b0-bc8ff4fbb945", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5ea6bd4-d990-5130-848a-984987fd1fd3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d691865-a104-5e9a-8cb9-b447dcf1b59f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3d5ec9a-1a89-5d1a-a92f-289bb06277fb", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1e8fe3a-9a27-5ccf-9282-7fc49f3cd652", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33780acd-74dc-5ef7-9d30-f25a975713c0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e323c87-4bfe-5422-83a1-e44d407a1d26", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d41a6dd8-d8d2-5ce9-b9d3-212edea5d937", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7647ac10-806f-5ab9-bdc8-411a5c6cd786", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:def96254-701a-5d11-8a94-759df4e0119e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b994357-c8dd-5da3-80e8-3f3645038151", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7b3ce9a-bf4c-5ab6-b6df-27b82112b1b5", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.4" } ] }