{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1722fe85-94d3-5d34-8b4a-05e52581bfac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:65da944b-75dc-5031-8922-0f0021b7b23c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad1d5d22-dc60-5134-bd77-32c18cc7b41b", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d08a9c6-5104-5ea5-8ab4-54e3cdd5a6e8", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81b41460-1478-5f87-be8d-94503b34ebfa", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7182962-d2d8-549c-93ad-7c1fa8d7c333", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15e02766-cfce-5e63-8c63-6819efbae910", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5b82ee3-e053-520b-a19e-09b3b2d5fd22", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d239aa3b-13d9-56f0-8ffc-72979ce30d38", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f48af348-dfed-5754-85d9-b7526405262e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1588dfc8-293d-599a-8286-d065a8e09bd2", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:349ef337-56dd-536b-9fd2-2dcc60bdb98e", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8cc8db66-75db-5e40-bd6b-caf8a47fc507", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b38f01f8-ba92-5e29-aebe-fc09a557f8e0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbf4f3f7-836d-5d1c-95a6-483f40596748", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e8e31b0-7fe6-5781-93f1-6d6c2fc1d4ce", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c177c261-ba6a-5e5c-a0c7-7eb8c12e98b9", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93ab1fc8-dda1-5c0a-9d7c-53867adb7750", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acd9d818-520d-5182-b698-6ae26388cd01", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45d1fe5d-e47b-545d-8a2a-4f7d8b3ee6c0", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4ebd48d-bfd9-56f9-a5ca-36a36c0ac33a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78250027-efa7-51a5-9f3a-4005bff727e9", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c690e61-4ec1-5d28-a7a9-af36cb127006", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b8b1f46-8d0b-5066-8d19-a36daa539d06", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae1e3ff0-43b1-5244-bdd5-c52434c382c3", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.4" } ] }