{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b952d853-3600-5f92-b426-236301853350", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ebbd285c-2573-575e-b51f-4dc8ee94f448", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8246e553-bd2b-5abe-8f3e-030925000d63", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3c62d21-5912-5439-954a-a83fd2936d76", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a7fa502-613b-5b19-8b91-0f76fbb0585a", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edcee70b-e8f2-5d32-a670-cb24d66cdc97", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcf5a5e3-fd50-5027-8dd7-2f0ce6bc6228", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80d0f7c8-b9e2-5d1f-abe7-55094e026dce", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87b240bd-bf93-586e-a0aa-e8a4d91c1edb", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1de4a227-e4b3-547b-826e-5e64403c396a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43b6f10f-9081-5d76-9256-da83ec5d4821", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cad909fc-15f4-563e-ac66-dd6569066582", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83141d6a-43be-563e-bb73-d40474601915", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8979124d-40d5-5950-9aab-eb11d4cd22a6", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d97d325-20ed-5019-8a13-82a88b63b049", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:772c3303-096c-5690-b731-7d89dd3c7847", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb6fecc9-4d31-588f-bb21-867955c71967", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc3a2988-2b38-57ad-9662-55381de8923e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d79ca9f-96b7-5aa7-8060-0490f5d3518b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:192a2330-6745-5ad5-862a-8bf704cbba81", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24618a90-3890-5946-8e0f-ad940f3ecf54", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37f75a6a-9c8a-5352-94b4-7c88fd7233b9", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b5781a4-40b4-5529-85b1-ad0660291c5b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:284ee09e-aa9a-549c-80e7-8395852ffc96", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4d508a6-e735-5af2-bc63-dd6a9e0046b2", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6c195c6-3ff0-575d-ae93-2b389073a170", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0ff9c71-f6f8-5010-94b2-a82ab7e91b3a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db0c47c2-a512-5397-be22-41fe4e000bc7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71f1e824-2b23-5527-b4de-ed040173df53", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@4.2.9.RELEASE-tuxcare.2" } ] }