{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b11bdef7-9593-5e5f-9d69-6a5db9bbdc18", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:434cd25b-27c1-5ea2-a6d4-901daaef401a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff772e3f-197d-51e7-97fc-9d04c7416da0", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1390adba-a95c-50d8-bf43-6fae69327a15", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdf429fc-5d07-5659-b4d4-3925f247c8b8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cae7710-f0cc-5249-a49c-a009141e0d7e", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9d9a080-43c5-5850-adc3-68e77e688e60", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c55c32a-7dff-5376-a324-fff73d516a73", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c240341f-eed2-5691-b459-989dad5f02d6", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fff31076-2aef-5b0a-98b8-097e15cbc2ab", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcbc31c2-d16a-5884-86f4-c74fadbb2221", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36f5e1d6-bea6-5d64-8fc6-6b65fc88b059", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3944cd9-11e7-5bf2-8dfa-d00d36c3c1e4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8debf363-f4ca-5936-8cdd-a73acb922d39", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:314d3aeb-5c8b-5684-9305-8f1b6b23eee1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e935762-6652-5eef-b3c5-b348bf2fc547", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc6bcf14-a010-5942-9bed-c3adf00a5620", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:683c7491-5248-5740-8242-8d9ef7ed32be", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e5fa737-9c72-55ee-bdbe-59bfda126f69", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd7b12cc-2652-59ec-9e11-3aac3ce0e601", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c5f706d-0e0d-54c2-89c6-0bafee7cb996", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a04713f3-a30f-54c9-95b8-feae4328c3f3", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cd8472c-e92c-56ad-8d08-3bebd1257d2e", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69ef556a-766b-59c2-835f-282b0da4c2f4", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac1d82d6-e365-5c65-bf6f-cf689deefd73", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec84d9ea-d7bf-5ac9-ad37-a992aff68515", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbdc14c9-c8ed-53a4-a8a2-9c1949e652dd", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f9d3170-ba05-5ac5-bb25-fb9f76beb414", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9aa62a95-a0c3-57db-99ac-d2b5e2cbf22f", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aedb3171-b8b2-5252-a644-a88331c211b0", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b47cd9bf-2b0f-5d58-824d-bfec55525870", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3ad5e63-3d16-5e14-bad4-d0e05296deb4", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71a787f0-9872-509c-be45-a0e62aa2b718", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bfb5633-c952-55e7-85ab-2527798db4ac", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de0226a7-a255-5d6b-bb1c-efd25c59e8c9", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ea8aa94-9f56-57a1-95bc-79795d412b41", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fd516e6-89d0-5d95-91af-4c7611375385", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7614f674-4784-51a0-9517-2a405457d84d", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b333c0b-10f1-523f-8378-7d1677f00e90", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44b120a0-7976-5714-9c54-7499a5bbf520", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.1 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.1" } ] }