{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5cd34387-16ce-5f7d-9396-3ebf0688b234", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:78071ee3-6d8e-511c-9d4b-398d45a968e2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a4637f4-c95b-59fc-908e-5cec3e13dcae", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e592c39c-6d2c-542a-af05-37bf36172f41", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a12a168-e94a-55bb-b136-1da093f6446f", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acaa70a2-69d1-5c4b-be69-8186434eed82", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a69f2e1-5ba5-5333-a852-510b04d5a09d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8391c12c-5660-5b63-90a1-5da132284152", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d589b06-0431-5a99-be26-93f7685f8e06", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51339432-8b39-5c47-9f8c-0a2f37eda244", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3455c42f-9f3c-5d7c-a6ec-be6acbd91ac5", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a7b929e-869b-5987-b3d3-4d0a494923e8", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e12e1258-8fd1-506c-9909-4ee66c40a08e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de2b2399-85c8-5641-abf7-cf45e9a5f095", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bac4a4cb-8059-5985-9548-d5d117080144", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a790488-3807-5856-82d8-c9d4e83ed477", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73c1d116-dda7-5ea5-a9e5-76694d44d56d", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58e78f7a-e8c3-56e3-8f27-b56ce93f0774", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a38964e-aca5-53fc-ac9e-9bbc44ae3344", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c87d055e-e921-5b11-8961-034243e17aa6", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:060d85f1-0d06-5138-b925-0ee8a6b9f331", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd4d8c4e-e470-5c8b-8839-9851483a1e13", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:346d2cc3-5240-5e0b-b4a1-e67457508fa7", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6d421c6-b088-5842-9be0-129173ddcdde", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f93f8af0-16fb-5d71-9d49-663218bdb264", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:367e7f27-249b-5a0a-98da-ab203d2ff9eb", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.3.30.RELEASE-tuxcare.2" } ] }