{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df48a8eb-5c6c-5325-8633-90d574464f4b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.30-tuxcare.1", "purl": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2f3d30d1-cbfc-5986-b505-ec351c56c651", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a74ff07-1121-59c9-ac98-d5c5d146e9c4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2968948c-b987-554c-a1ad-95fa4b923bb2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e28fde1a-8e45-5499-96e6-8f94c141c0f8", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4a247ea-cf7b-5b61-b9cf-5e2c0577a431", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25db233c-a913-59cd-bd24-581bfebe92bd", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fa0a5d5-c823-5e6e-9ea8-7cc83dd0a10e", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad5f24b5-7be4-5154-a5e1-a2204702e3f6", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fe2e0b0-582a-5007-99e3-9455b5c9aa95", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a412daa-92b6-5ae2-99b4-4191b6818086", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f125ae58-dacf-54dc-aaa9-aabef7755d8d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42c3f519-cdab-5ed5-9044-7ebd3c272d91", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dd48e6d-1afa-516b-834f-ba8ea68870c1", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53957aa4-0107-5fe9-95cb-3258d9114eb2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:309c0a64-3d0e-5d1c-b819-7e17c205a60c", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48cc3142-0ed2-5be0-b4ad-f4ff810698be", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.30-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.1" } ] }