{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c354c831-bfa7-581a-ae6b-285f16af7a63", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fd70170a-4935-59e8-bba8-24e94b3a49bf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec9ad69b-1dcf-57ed-a2f8-ac3e87682455", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0bcc96f-0d07-55df-8049-e4fcf88024a3", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74a04178-6c29-5e9f-b9be-4f0ce84a4940", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:363da206-904d-52dc-a0f4-2714c7915f44", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:353b9b48-059e-5b4b-bff8-b196d8a54d61", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a344c92a-6b7c-57b3-b616-3504a96e6d75", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c781ba0a-07df-5fb7-ac56-3140c6e5af09", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01a64937-7f70-561d-b6b0-aa89a0b169be", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb3506cf-d948-53e8-aca4-c9f1dfd9cd63", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:580c2332-ea98-54cf-8a15-e6fc10ad04cf", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f068e4cd-07d7-5cea-8226-b658621fb600", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2d84609-3704-58cb-9d3b-8ab1bfec14ad", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b9dc661-0b3b-58e5-8528-3b7feac82acf", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5b32cb1-e827-5f83-a89f-6e0b6fd4a143", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77c67a89-adf4-5f29-8ae9-4ad43b708adb", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d95c885-5932-5d1e-80be-c33ab037d6b4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5348c9f5-d4ec-5904-9036-8f3a5ff3b075", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39736267-12a7-52b7-ac8f-c9b754836edd", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a421022b-9d5b-542c-bc81-453ae51469d3", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2746c9e7-8a7f-5549-bafc-a1e30a9bfa50", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ccde0fb-b704-55ad-8590-35d6b449f806", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58cbd22b-bd2a-58ca-827a-1acf438d6189", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0ecc79f-1943-5ad4-b67b-79db7eca1ac4", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ffb3210-1897-553f-9133-681a458df4c9", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.1" } ] }