{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:54ef1f84-78ec-50ad-be32-8e93c7139997", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b33c0a6f-05a5-5f64-8227-0544f7ef65df", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a2973fe-91d7-530a-8414-15c99e2712b0", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20456fed-2c46-596c-97de-2b3ca80ca1bc", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:390f89e0-1b39-5f23-beda-ee31c3e45413", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:590b250e-1913-576c-ac26-6814fa0313cd", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26020697-b117-5845-ab66-78b1ffa4c476", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38c7c579-6380-5fa8-814b-42d39994e7dd", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73d64aca-2e80-56d2-9e39-a7e65ae42653", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f8fb096-24c0-5e4c-9291-63eb405bdb96", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fe7b59f-6ccc-5583-9302-a50672f097da", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b592e96b-e759-59b7-b9ac-4c9fe425e68b", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e9d8c33-782e-53b8-9b1d-57f45881677d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:678ff223-2ff5-5432-b234-44b8cf121192", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:770e9f38-8fd6-51d9-a119-5323ae05e57f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:872b457b-07e5-528b-8e4c-af9b7d98dfdb", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:162734fb-2d98-53f7-86ea-6693b0b7b69b", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20ca0d79-4f7d-5bd6-9611-0c5617fdf794", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b35704ff-1c29-5013-a2b4-3f781ee7fa0a", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f79fe75f-0a43-544d-9b7c-9e2448f506d5", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461deac9-09e5-570b-8b28-38b7b4ad9397", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a9e043a-5a0d-5f7a-a75d-8861d9b794bc", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a2c9cef-8b4d-5687-8bea-b5a97afb0803", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }