{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:935c4cb1-e73b-5e48-b820-f01d0ba70d10", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aced5d16-ac31-5c21-8c14-467ef6d5d419", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c91d53d-71ea-50f2-91a4-eae8ba5d9f66", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:432e1cc3-bf42-5de2-8bf1-313d712411bf", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d30755ce-69a8-57b5-86e4-ff5c48575860", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1830a1d0-609a-5c90-8cc7-b2bfa632b77b", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b497c525-e2f5-5139-ab42-5c101470320a", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c03e8ef-a05d-5512-843d-360277b92251", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ee1e8e5-21b2-5404-abcb-512487104e2b", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b53e000e-1d24-5011-9a44-09b03183e944", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34919e95-6480-536e-a7e7-418663c05e01", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5be921a7-ee33-59f2-aba7-5caa88b2903e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56258ee4-b1ae-56d7-8d6d-7de4a9822156", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15a3e4a7-2e29-547c-93f7-1fa2214c9f3c", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37b48ee7-efb9-51d1-b32c-2ff36c2f73b3", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd30bd53-f7bd-545a-a23d-2dab54159f8e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9da0d835-a410-5576-9a56-17710848597d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0c22071-e020-5897-8a1d-aac72f35fda1", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa748721-4265-5bfa-8fce-45447c1d02ef", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58de2d94-1beb-5083-9a88-bb7849f06db8", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73543b1e-eaac-546c-bf69-e67bb6de28a9", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bb850d6-55cc-5923-aaaf-95ed6a16ccad", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4461d2cb-9b8a-5cf2-a047-0f974767c0ba", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c280e53-f95e-5f4e-8b11-098e3a6f519d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43278701-6aab-5afa-a02d-efd8e7fda6ca", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b11cab24-346a-57d9-b411-dc54842b9603", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b6fe5ca-28bc-5bc7-8032-717c5bac29f5", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d3f35d5-06d9-56f5-9de4-ba61eda7f98d", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fb79ff2-0799-55e6-bcf9-83aed6f99422", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55b38ed8-28e8-56cb-b8fd-1aa3bfdafe22", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.1.7.RELEASE-tuxcare.2" } ] }