{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8e82c9f6-d9d5-5a16-92d3-7bbf0ce8fed6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "6.0.16-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9ff8ff58-af57-5198-ab2e-bb8fe4b83e97", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3981d74f-f0ff-562d-9d53-066cb6739eaf", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:566eaab9-d0af-5665-905b-a8e5291bcd7d", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96b62001-77b6-5a1f-9a45-690bfd621e93", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25f1343d-f2a8-58aa-9afb-5a2a91e7c939", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fa1a58a-7dba-5cf4-87b0-2c460e2f05d8", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d8a9ff-8bb3-5659-96cb-dad09389b52b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9932b0c6-16c8-54dc-a87a-cee871f4b797", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b190fde6-c570-5f70-9630-78aa5a4b2c55", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06e24ce8-93c1-51c0-8233-75d761af70c3", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e35fbd92-44c0-5702-a264-6182208b26c1", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d703a4d-aaab-5e0b-b91e-ffc77073ea0f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6917ae93-57c0-53a8-a4d3-a4d5a04de4d9", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1529ef0d-29ba-5d1e-a988-49f28bd9130c", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.1" } ] }