{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5868b3be-c8e7-5315-a0a6-f841a0d9ee71", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6d6117d9-8625-5073-af37-68b94c8a4dbb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ac4e07b-9932-5f41-b5bf-11ed8596682e", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ab6a8a3-8d09-568d-b261-125a0dc96f64", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20cb34f7-857f-5335-a08d-18b2753e758a", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:689b96d5-36d9-5525-9ed4-01b11f93b873", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcbd0aa3-02e6-52cf-8e62-6edd6c4718a2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:990bc12b-204f-56b7-920b-cbd1d37aed27", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:936988a9-74b5-5496-8c6e-4d68e219fc18", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75fc6d96-605c-5ac9-a018-fd3566381112", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78b94f7d-9d61-56d6-97b2-d84e1cf7069b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:956d4c37-41d3-55b6-a34a-7c1b00771a0e", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41bedd22-0791-5d8c-a8fa-08aa20f9fde1", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:655b0d80-258d-59ae-869f-1d8daec7fb4e", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8096915e-cab8-5601-96a6-48b54d225f16", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b9c0b9d-a9e9-58e4-b1bb-92e79841e5f7", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d042a74d-594e-57e2-af66-f98ba873b58e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ab11666-3494-5f7b-b5fc-bef09ae93a5b", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93b3d871-4d0c-598b-975c-6e69426bec6c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6527c789-27eb-5cd5-82b9-a8efd8beb534", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a2ccfb4-0589-512e-9ac2-5f123595d512", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:002d8198-870c-52ce-9f7e-0a043be39c23", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fb2b262-5582-5710-be14-93a2f996e425", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a38b19b3-c11a-594b-93da-4fbe2f14c626", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.13.RELEASE-tuxcare.2" } ] }