{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:411a343f-7c7a-5a91-ab37-2b0b5b70363d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3af836f9-ff41-5888-800d-03a5c024d267", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84083aec-7991-5eb6-8392-2c3954e43d27", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b2746a2-7a64-5010-a95f-6b813451cc0a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b1efa6b-e770-5fa9-8da9-753692952e66", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b078d3f-d368-570c-ae8e-910f4eb12c81", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c088e135-173a-5bec-a7fd-1590a4c235de", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f145463-41e2-51f4-94ed-d25a8f34af16", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8ee071c-b03d-566c-94c2-3d8a9adf354a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdbbb7ac-30aa-5e0b-b9ba-aa2a93300c27", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:758f52a2-48dd-50cc-be91-20b3ee8c963a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bdf467a-3552-5137-b5c6-4dc498e52b42", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97d7a2b3-5590-5701-bfa9-32f7007ff996", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe392f7d-e91b-56bc-85bf-04df3d776bdd", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d298bfb-4adb-515a-924a-fc39061b6def", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd02102b-cd6a-587b-a193-601aa3ed8f70", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0464ed0-c0a1-5ff6-aece-2a8b829488f9", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c186a48f-5064-5aa9-8e05-1948f660b1e1", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed1a579d-4287-5cd0-86db-607767772aaf", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cd4c6c6-2416-5da4-adf9-0d27ac5ed4bf", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fa2b98d-7df1-58c5-ae0b-7c17ee0275e1", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36b7db9d-4841-597c-b4f1-f353befac385", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04894ba0-ccbf-509e-96f7-ccf36cdd43f5", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bc9c3b0-d3b5-5431-b5dd-f99ceb4cf49b", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1367549-226f-5b3e-9970-d32452051218", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:505279a3-7726-5a76-9007-6ac77f6c211c", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb8292f0-5608-5046-a055-a72118dc550e", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f350a58-d6a6-5232-a450-57e62f064283", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53a5d5c3-a465-5dcd-b187-dc4eb90964c2", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:796eced0-5a31-5d21-a8df-4d82b80a468d", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63e7041f-b662-551c-8723-6f580675142d", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9a71ecd-d245-5d6a-ac94-e09e64f06758", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:905e955a-3ae9-5314-acbf-8dbb8e13f4fc", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e35505cd-9a93-566f-9d63-53278b4361b9", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6740e23-2459-599e-9cc7-86c6a83f75f3", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e23c1c4-3e44-5614-927a-717af57b5fe2", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52333c85-038c-5813-a02b-7134aa96b72f", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aad54fd7-72ed-5b89-9f9a-d51dd2e23732", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81cb3818-b250-5526-a28a-a35101588636", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abf429f6-3c5e-57f6-928d-e1345c4213a2", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.25-tuxcare.2" } ] }