{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b46f9b60-d0b3-5129-bb02-93a3a27e5797", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.25-tuxcare.3", "purl": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd766bff-b1ea-5ca4-983a-fcc76023611b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8ab39ee-f15e-5693-b3b1-8978e8509beb", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2af5a96-e201-5db8-91de-4ddbb4591dc3", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef924bd3-c984-5a2b-b8a4-9421624a225f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:063292d1-4e8a-58f5-a308-419324647278", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96a9fc05-fb48-5832-b6c0-b7e8c41b305a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a44c3c64-96e1-5112-98b5-873145f99849", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d69ecb4-e65a-51af-94d3-f1ecdb1d9c63", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac2db402-e328-501a-a1c6-6676dcd1cb9b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:582099a4-773b-53d2-a675-08d7b26385ed", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dc8ec15-78c5-59e6-a0eb-01ced63daa31", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10587fb8-f202-5850-ad4c-7dfe9f2a1cbe", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f44493fe-b6d9-5cc7-a0b9-431f35b922e9", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e23bb3a-26fe-5878-8755-9eccb3ba125a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa72f2b2-24db-5dc0-a04a-f3b7f973c2cd", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9ad5da9-2a95-5bf3-b251-22deda68a219", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e216a842-cec0-5b73-afcf-82151bef53e2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d074461-e2db-551b-8dcb-29952b1a6767", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80e53496-a67c-58f5-ba12-f3dda6931e4f", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31ce99be-c48a-5433-a29c-4d348a16c1ad", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2581f880-7da5-5cac-a737-6c238e1d7677", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cb2bd20-8699-54bd-ad12-21d241f2bf2e", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77784cc9-d4f4-58f8-94f1-c032909ed889", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2537e40-ba11-52ee-8057-b12348c7531c", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d32fb92-97bb-524b-a997-3c6e302546f0", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9009ead3-e280-5b97-b4d9-5d0fb472dcbb", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db5f0feb-4f09-5bf3-930e-a5d57e2447c5", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8aef3893-ac85-5b3f-bbca-9371fa6e2efe", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a9ba522-1ea7-5eaf-bc52-cc2eb0378a97", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d65a7a3-0340-5d9b-a328-bd1add4f8442", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3403f656-c9cb-504a-86bf-7a46dfd25cb1", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:787abdd6-8565-537d-ab0b-36b399df7e9c", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13f9df23-8ea3-5503-8e36-5ce84c082490", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17c9dcaf-50fe-51c7-acd9-ffc62f2a6952", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbd82945-a437-5864-b351-b85ecdc61a1d", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b09352c-001c-5779-b5cd-11549a67682a", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34ee734b-8a44-5db4-8736-b9a743521c33", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ddd3377-87c4-5452-92f0-0418d9c2b8d8", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:703703e1-0044-540f-aab1-1f49f1be219c", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.3 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.3" } ] }