{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a1eab40-7594-52ed-bb81-75bc511e0e69", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:47ad2153-b5b9-5dd2-b945-a680af6ff3ed", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ae076dc-3266-5cbd-bf79-20131d57a690", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eddac348-14c4-55c3-9a28-00e2382a8901", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:474635f1-8f1a-5bbe-972e-35b7bf863eed", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3fd9403-842e-5dd4-ba37-ffb02af939f1", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec9ffeed-62d7-58a2-ac1b-7e8d4649f513", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:971b7f17-00fc-5da0-89d2-ec310aba59c3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3417e261-da64-5f16-905b-049c15368395", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:511d1938-4b4f-5c6b-ba03-42f61fd0d8f4", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d23855b-49c1-5637-b878-320abc67cf1e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d7d24a4-c317-56e6-99bf-44ab718db6d2", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:154712e2-ca40-5868-9b60-3e8bbfdd7e9f", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24fbee88-0a82-59da-a751-6bc9fe642723", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.4" } ] }