{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:98e0434b-bba6-558b-8bfd-5e84b81976ac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.24-tuxcare.1", "purl": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f5762606-a9cd-5560-838d-bd3d87d7ebcd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d66f024-a91d-5300-9cc0-f046d3cbc034", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bdc6e38-b661-5acf-9a1b-0fbefab93647", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:890e67da-b8f7-57e3-8958-ef6efa9c52f4", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:854c2c5e-3036-552c-9a61-a7d6e9df7904", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8537a3df-d0b9-5057-90d4-c9ce8776f9eb", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:375ac273-7e07-5fe7-a1fc-a804e6b8bc2f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7a90c53-0068-564d-a23f-a12e3a4beda0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2b7dabf-239e-5f50-853a-ffbdeeba7829", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c76bad83-1f1f-53c4-b3ca-7a3928a3ab5c", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39b55b73-9317-5afd-8f93-3cfd3cb6b81d", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b0ea9e0-7c2e-595c-9039-39cec1790f06", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27b629e8-3f51-5371-916e-3ee54e6f75de", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9470d55-b5cb-57d8-8715-de2f56a0af09", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:babb2856-b217-5b81-bee1-d4839482d67c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b382568-4799-5f91-a1cd-fe6fd9fc8048", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09e3a35e-d75d-594e-b4a7-b5460ac54055", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b05d3d7-b8f4-5fdf-aa3b-a34b759c11fe", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60c1b044-fc92-55d0-ab0f-06dc38c8c9b0", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84a6690c-c262-5ecf-9b05-5716c9ec0b81", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e62ba57b-e34e-5baa-bec7-82cc87553990", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3267cf0-f8eb-5c7e-ab43-e204d67b4f5c", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75053cd9-6aed-57de-8f38-b563878c3d78", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cd2d0ff-c0bb-5875-9dea-311f1df1bcb0", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9076b704-078e-58fb-b99f-0d4a139c70c3", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e77cd1a-1042-589f-aaaf-c75e4c842053", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50426a9b-db9e-5d11-8d63-1cd3291b8998", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9abe42f0-fb7b-51de-bb4f-c6e696fa7f38", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac7131d3-0fec-5148-81a0-c7a4ba5ee94e", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f010ec4a-6540-5752-a344-ca1f19debfd3", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b78cc15-9c48-59d4-943d-c4819046fa78", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3af28e37-8ea3-52ed-924c-5fbdb6419575", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36af2aa0-a3f3-5d12-adb7-cee8a2aeaf1a", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a55d1cf2-11bb-54b4-8e93-875850eea2ac", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26b5e993-9ebd-54a3-a2d1-0ba3ba198688", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef458f53-9636-5166-86d5-192797239f1f", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5a96869-5724-5c30-961c-6bc1b919aadb", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83f0e567-e22a-5f95-98b9-339396b87c89", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:785c1777-2bf7-55a2-a33b-08b1269bffca", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.24-tuxcare.1" } ] }