{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:587d0aec-9f7e-5518-b6f2-7fe8821cd2dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-parent", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d456511-3d04-5364-8880-d7cc8c1748fe", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d5bd86e-b468-5b69-b15f-6263b15d9298", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f63ed8da-755d-56a8-9628-0e0edbdbda94", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8ffde74-8789-5fa7-b855-a6d0afe8e211", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97dd9249-0400-5f53-b67f-d3f6c125e44f", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80343a77-57ec-56e6-a309-f6fce9fe882b", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfe45651-42a2-5d26-9d26-ae9902a17bd0", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a98d5fd-d21f-51e2-b5f6-806bbca37589", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a94b0cbb-9c43-5614-bd62-7f3bea50fbbf", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dc53684-cf17-5d4e-886d-060defc672ee", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db3c7387-ab00-5e51-9f5b-dfac85718a33", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f57886-13ea-5d6b-9a60-de63f15f78bc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f36030e-5359-5bba-8b25-0b8f51a47ba0", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f666fd3-a1f1-53f0-a8fb-425506581ddc", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebcf5bb7-35e1-5155-9216-bef980bdf31f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d37b7b6-da42-5322-8c37-d2dbcfc5b20c", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-parent 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eae1861f-215e-5ce0-8f97-55e781381585", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-parent 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce09aec1-9d46-59ee-8f11-7ea4cbb6a3fe", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-parent 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dac0460-aa9d-5fff-9562-1b5453da605a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7051ad81-a7f6-5af5-8ab3-3b058147f5e6", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da710597-346f-527e-a1dd-08038a1ee4a9", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c92389c5-1d13-5d71-ad42-0e8931d8b1f6", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a1f9be1-1ccb-5d39-a7ef-64bb45249143", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30dd7c0f-673b-53c0-afb5-74629b5ea619", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cca38b96-9b16-5445-982b-e2c42bed32b8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:582095ef-aa93-57b6-883a-a326dac13cf9", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec00e73e-6597-51e4-82c7-cb7fcc4ca14e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f7f7731-96fc-5176-9608-34f787368958", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:596c1d07-63dc-5cab-9df0-75418e4e87f1", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b49cc07-6bc6-56f5-9eae-74bc86d84b81", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b53e1ad-4c7f-5f94-a7e4-3e66f344f146", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f80f4689-76b8-5e44-a08f-8893059c01c7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ed732a7-28d2-51db-b5d2-9b39bcfa01e4", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73617eb5-8075-5521-bfb5-48e4555ce9ab", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caf0a47d-6001-551c-967b-0946f71fc468", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f91a3ab3-4f8b-5593-a74b-0d9b41bf1545", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14bda144-3525-5e89-8c8c-1078887ab4e4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83470f64-8201-5a61-998e-b9684ecb0cd4", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c459e07f-e9e8-5f0a-801f-3b29556d53f8", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:915f2997-b46a-57a5-b91c-5712f78467a8", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-parent 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff7a4aa3-9219-5b44-84e8-aafbcf48c69c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86877264-0980-5a70-86ed-6757f443fbe9", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:534692a2-99d9-5126-8126-26315cb89b67", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-parent." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-parent@3.1.1.RELEASE-tuxcare.2" } ] }