{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ed7862a-8b81-5078-b2d6-6610278cd1dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:163fa52b-4351-591c-aa22-139ad9629658", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ca27270-c1c2-556a-9c5b-2f25ab88562c", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e6312d2-9d15-57a2-8e0e-0b53ddab62a6", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3d1d8ce-106f-5c59-bf3d-165af5e20f77", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60561461-9990-595a-baed-8b681fd03307", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7bf1da8-ae94-5cf1-b4a5-07470864646f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7e9a939-2fc6-54a9-9eb7-d409eeb4cc4d", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f7bfcbd-7ac5-5d89-ad75-793941c4b1e7", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77281984-7183-55d5-88bf-29f6800b49d0", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c610749-dca0-5bea-88cf-0342829a2a70", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:807235d1-75a3-513e-b424-c5b8f5c1596e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b19bd5c2-b826-5ba9-9bf7-6ab9cab813a1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fc3ac9d-fde7-5e60-b66b-8d61b5bb71f4", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0d75566-eb28-55e1-a0fa-f6ff219b17eb", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b97f995-0843-5ce5-8a83-6fb497fbf96e", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6071f8bd-9d3c-5eb0-a506-6e9b153c1af9", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e4eed2f-8431-56fa-b8b1-98627b6f258b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b554825-1c99-52af-9806-903abce48cc4", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d8f5c04-c94a-5001-a8aa-3310ea1c0c51", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fe9ddd3-73ab-5905-bda4-83708b9bd9bf", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcc13cee-a0eb-5e53-bfa5-500e00478a98", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24344bf1-a25b-5e14-a436-aadc1aa88fd9", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.2" } ] }