{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e8f791b-c11d-56f7-a910-51ea7afc069b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b33c0a6f-05a5-5f64-8227-0544f7ef65df", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a2973fe-91d7-530a-8414-15c99e2712b0", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20456fed-2c46-596c-97de-2b3ca80ca1bc", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:390f89e0-1b39-5f23-beda-ee31c3e45413", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:590b250e-1913-576c-ac26-6814fa0313cd", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26020697-b117-5845-ab66-78b1ffa4c476", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38c7c579-6380-5fa8-814b-42d39994e7dd", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73d64aca-2e80-56d2-9e39-a7e65ae42653", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f8fb096-24c0-5e4c-9291-63eb405bdb96", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fe7b59f-6ccc-5583-9302-a50672f097da", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b592e96b-e759-59b7-b9ac-4c9fe425e68b", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e9d8c33-782e-53b8-9b1d-57f45881677d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:678ff223-2ff5-5432-b234-44b8cf121192", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:770e9f38-8fd6-51d9-a119-5323ae05e57f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:872b457b-07e5-528b-8e4c-af9b7d98dfdb", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:162734fb-2d98-53f7-86ea-6693b0b7b69b", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20ca0d79-4f7d-5bd6-9611-0c5617fdf794", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b35704ff-1c29-5013-a2b4-3f781ee7fa0a", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f79fe75f-0a43-544d-9b7c-9e2448f506d5", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461deac9-09e5-570b-8b28-38b7b4ad9397", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a9e043a-5a0d-5f7a-a75d-8861d9b794bc", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a2c9cef-8b4d-5687-8bea-b5a97afb0803", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd0e0c75-9871-59b8-a3f8-8b1195e41c0b", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f632d24-a80c-52ef-ae77-4ee1017d8c9b", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b9a5889-21d4-5612-a3c8-7fa49e1c69bd", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:375bba39-1bd3-5c2f-b5d7-c1c52077ec5f", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35e2fedc-d2f8-5b37-8913-74d4c3b0d2f6", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c40d9ffd-8c02-585e-b826-93f7bc4fb6b4", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:291051a7-9ac4-5499-a4f1-e9c2e0adc5da", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2182c57e-d83e-58ce-b6a7-db607dbe668e", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83c0b932-bb8d-529b-8abe-96a5e46cebe4", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1a13d4e-0178-58cb-9875-e58ace31ccc0", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:169b35e0-5382-5b4f-86ed-6f79a410a884", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7ef0561-f83f-579a-a1b4-9833549fc594", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4fe9a41-28b0-5c93-aaa8-3e31cd8fd0b4", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e5b14fb-835e-5177-ab67-596f4c68c152", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbd30ac3-c3b0-59f5-a4f7-5b4f831d5ecf", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05e338ad-6e82-5577-8d12-2ec6e1d232f5", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9862363f-0efc-5af2-873a-3352243b3cff", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.25-tuxcare.2" } ] }