{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5254fc7a-b855-5fcb-bfdf-d6e58ec21d35", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.3.31-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a0a8fe6b-7d3b-5d5e-a87b-b92d33879392", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8ad25f1-bef4-5f23-ba18-e8ca6a710ba1", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1661f98f-a2cb-5e57-bcea-767d55565f5f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17f13e85-09b8-54fd-b887-41ff9512bb60", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d644a76b-dcaa-50fc-80a5-e6b29fe9e953", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:367747e6-4026-54df-9efe-7a38e8d7e943", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a6a8387-eafe-5470-b8a9-62c937610c82", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:449f6c41-c16b-5c48-a11d-093e8dc84ec9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7dfd2dca-e80a-55b2-a93a-f3d0cbf0793b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72fce6b8-09eb-56d1-826b-02992b9a3c55", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54e2fb3e-8121-5029-a0d8-326f68d1fddc", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05429bc2-dc6e-556c-9e53-ae8964c1ae9b", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-framework-bom 5.3.31-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f948dea-1860-5bea-8fd8-e130b7beef5c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fd3cd4e-46fd-5eff-8226-fbdb433cf829", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88118483-0662-5c64-ab43-19f1d9c39d32", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd280109-4948-587c-ad8a-fdc6607a35f8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3957de55-5715-50b4-b3d2-f959759495eb", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b89997b-03d3-566d-ac54-26c34ebe9f86", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19b72554-5906-5eae-87e7-4c0ae8e98b7a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e346b807-8e44-53cc-8758-0c04e60395f4", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.31-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.31-tuxcare.3" } ] }