{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bb1040e4-bde0-51da-9865-46bc8f93e653", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ea42c0c8-7f9b-5cab-9461-797c818482b5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbaca204-13e2-565f-977f-00e8c8cc5d3f", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32771bf0-e7f1-5364-a066-ee1f5840626c", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c341011-6732-51f9-910d-7a608874769f", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:136f835d-dbe8-53c4-92f0-b99cab167f3c", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98080387-7348-569f-bb45-038cac0f056a", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffa47cd8-eace-57d4-a276-af3bf416c93e", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3c4b9d8-a12a-525d-ba83-678c27a8e74b", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5b42361-0a93-59f6-bbe3-5debeb8d8178", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a870d7e-acc3-5896-a97e-03c1f70f78b4", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31af13ce-6d29-55fb-8783-2e55a5306b8b", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1ad846c-1ec7-5baa-9b7c-043f9f710c37", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fab6e6ed-4358-5917-a8ab-7a822dd26f85", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af1e8102-8d74-54b3-b0ab-8a640c00c595", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:faea78b9-4ee0-54d9-8b68-1eaebc880794", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:855a96f2-4b89-5d41-b453-b462faeaac9d", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:507f58d3-8341-5884-916d-3086dcc63cc1", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7652a63d-e4a2-596e-9308-4cf9a67092fd", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0782d354-9421-5d9e-bfbb-b0e637e37f2e", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-framework-bom 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d00c92cf-1146-5615-badd-90c1085ddfa2", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:281a9d8a-1668-503a-b0ce-a502241a6350", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba5d85c2-86d8-553e-931b-7b782a30e0e7", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de305fc6-b2e6-530e-91a4-7351f4da5993", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7b39f10-56ef-5f53-ad02-e6854a3f18f3", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-framework-bom 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fe8f02e-6b5a-51e9-b605-ad76780c31b7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7cde2ff-5d86-5404-87d8-f7a9e35886b7", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79f67ba3-168f-5090-976a-036c6e147c01", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9b8648b-5b93-5f64-b426-e93a9c5c23c7", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a56621f5-dc5c-561a-ac42-6527618741d2", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac304973-3dc4-566c-b2ea-a8e05d3eb41f", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29f608bf-627b-5840-92e0-4140752f06ee", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a1fb242-91e6-5fac-97b4-55afe3247019", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b1f7d0e-6333-5f5a-8948-b2cc54f2c780", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bef7b18a-4d80-5776-bd54-4b31f8e862a6", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43a5bac8-90f0-5481-be86-05714382e09e", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4269ed80-4d72-532c-9a9a-bff480b043c8", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2916e45-6231-5061-8638-6f958ce11a3b", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3d322ad-1734-52ad-939c-27aa73c838b7", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ba07262-ddca-58c4-9f2f-3fc92f30d342", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26a5fb49-32ec-58f0-8593-2eab2ffd7a9f", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c26c707-db9d-50e7-869a-09f05df35ab7", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5472aecd-a627-5f8e-9087-2dae1b080e85", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bdd75ae-85ec-57b7-bad4-eb1fab717e03", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09a4beef-4738-5d6d-8527-baf8cc94329a", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f4fcccc-b721-5d1b-841c-57925b9ddd86", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.2.0.RELEASE-tuxcare.3" } ] }