{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c4f3b371-559b-5bac-9e9b-f7b02efecba0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b555dc71-fafb-56fd-807b-e0f2de99a2c6", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca17a8df-cec3-5e09-8b8d-98ece2c0ddeb", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbbc01cd-a651-5048-ab72-2addbe5bf4e2", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:adccaa2e-064d-5e24-9cf8-b917be3717a2", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:431e2a6d-5054-5c60-b3f0-64e6f2609feb", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43bee480-bea5-5acb-9c50-f71b475e384a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cf83d2a-033c-5c47-a449-a41b0dfbbe61", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da39b60d-9b16-55c2-b2ea-5365a334bf83", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a41075a2-3a48-5964-a7e4-154183676d29", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03c819a8-db88-5e76-9c7a-ccb4fec6f391", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7530ee9e-9dfb-5b26-a6a6-94211e96a286", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e03ed828-191c-53b7-bc71-9c993aac4dfa", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bae6f93a-dc54-52c9-b429-9d4116aa4415", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b367638-ccb1-502e-a98d-3447496469a9", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f59132c-021b-57d6-a018-69c5f06fbfe8", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69cb689c-fd13-5607-b2e1-fc63102befdc", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca326078-d2ef-5439-a102-fae2e3ddb244", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed75eac1-e420-5dc4-ac49-f17dfb5c060d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7012002a-bec8-5a05-a841-337895326516", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b3e7b2c-37ac-5a4c-8120-bd59c1858fb5", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e07b843-3788-52fe-a446-0877a1ec6170", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66714a87-4d58-5b3e-b7a7-d48ef6db857f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b0a0269-2e2b-5f7c-a3e7-1572a8e87768", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.1" } ] }