{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d71ddcbf-fff7-563d-b481-4c4e1345ad49", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d242918-f4c9-5852-bd0a-1439ee70d2af", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f497de7e-9252-50ad-b334-0a181ebce3ec", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b17b7a5c-339e-5728-be43-50a7b7bb3525", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b137658-5d1a-5832-b3fd-98e4feec15ce", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c0cf9bb-39cf-5ed3-9a3f-704104c8e63e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7f947d5-cbb0-50ea-8cf5-f1fdaa13cfdf", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:421bfbc1-b4fc-55ba-bfbb-6d97499a5a9a", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15531c93-c44c-58cc-9e28-915a625873a1", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec68d89e-e1d1-5380-a8b9-762c5ffd180a", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f8269ba-9281-51b3-b255-4bb2095f5af9", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73390572-6615-52fc-b53b-71ca10b5863f", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad4b0066-3413-5257-a2af-1b59f66d9227", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa540784-2229-5cc9-a639-9b3914c6c805", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b149722e-a250-5b06-ad90-71bde9d38058", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93f3f025-1717-52c7-b015-1c8cdeec1f94", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d09799b-0146-5864-ae46-70c378536771", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c04488c4-89bb-5c28-8e00-371ede932c9a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c98e2ec8-a99e-529e-a313-7981e8630580", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a46fbbc-862b-5227-8670-f01df3896783", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d97010de-15fa-59fa-a257-6c14576894fb", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3da6ffc8-4b8d-5c5c-a478-ce704c7abc64", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ae53deb-49eb-5a9d-9d0d-47498e9d7d9f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21a61e49-0457-5288-9d19-0cc1e2e41d7b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.2.13.RELEASE-tuxcare.2" } ] }