{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fca2bd22-3d48-5c5f-8779-5a9f44cda48b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b20a7ed-d47f-571c-a6d4-dd098aa834ee", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4891bf9c-15f2-5cb2-b27c-0038c8d5d2a9", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af6bf83a-d579-55c3-a7f0-ab3abe194771", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9d228df-0ca6-58ee-a949-86fe3ee99251", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8df96515-f804-5e5f-b8c9-9d82bdb8fb12", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b10a05e-8b2c-5570-94f0-29a0bb968303", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6886b3f-760a-5bf4-8980-6bf27c8d6d85", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a547be92-6c28-5926-b7af-b01799344a01", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac1a6710-a58d-5ebd-96b7-db47445d221b", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0e87c62-1a8a-551b-b2d6-55a678c104cf", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee56a22c-72a3-589f-a839-4fec3b9fecce", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f05882d3-f6ec-54a2-861c-516de8aba8e5", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:768e47c2-9935-5d0c-878f-50251063f01f", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:408780de-58f9-52c2-908f-7eb4cde75205", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:140fb71b-eba2-532e-bb93-15dda149de7b", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed95cad6-2287-5a65-8588-1ac8018d9edb", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8fb4fa2-1331-547f-9651-c94b0d38ae9c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea37e473-274e-5079-a80c-283794c2e4a0", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0afd8dc-a5d9-5dcb-9791-008ec874df14", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c82171a2-b026-5c58-a9f4-8b37c3b5bfaf", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6864cf3-cf65-5299-ae73-6d6d55540098", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e56eed2-a535-518a-b6cb-c1056e04a58a", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a23a1c0-2cce-5aeb-8d6f-afcf614815de", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a735bf9-2b2f-592d-9445-3df273c5d1f8", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:def1084c-19b0-5a44-a103-e0614cc36c0c", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1abd3b1d-c3e7-5eb7-a82b-ae680b0a81fb", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86b60838-3a04-5b39-9ce3-05a09c194a0c", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e388967c-aaa8-58de-ba10-7abff433ae1c", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00e97193-a7e8-5d6a-b749-3380071f0315", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c734becb-b2b2-5f0e-982a-147f4c5c4f01", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b733e2d-d078-5d4f-8ec5-d2f82e93b880", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b60bae3-8e8e-531b-8fd0-717122a4f8be", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f1029f4-a80a-5b6f-b421-75229ee799ca", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdba2c8f-cb49-55f4-ab91-18d017ea5dad", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af3db250-bceb-5bc2-8856-02328bbbb09b", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7142d5ef-e342-5411-a72e-427fb2a43b58", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56c2bf3c-8b32-5933-8933-a53846bd1fa1", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:911494f5-ec2c-5122-930e-5bdc08d2eeba", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa2c205e-1824-53f2-9fcf-7ba0fbc68484", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.1 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.1" } ] }