{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:989a572e-34a2-53b9-8a9f-94450eefbd0d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "5.3.29-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dfd21be2-d10d-5ca6-817e-0ae95df8f6bb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:495e7cd9-b25c-55f7-a558-258d58357677", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26839963-8f52-5654-9869-10e153f7623d", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25b8a389-482b-5100-abbc-993c544e6522", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d77aae4-f982-5764-843a-37ef56280638", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:223f67e3-f5a2-5e37-a9ac-b2d2c4fd2068", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4629db48-8043-5d75-b55b-8464dfaf0a6f", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f3d4de1-2c89-5425-8692-bd2934ecdef0", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1288f9a2-177a-5980-8e9f-e5b6a605720e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb1d9046-cd07-5117-a6bd-9bd13c88bf1a", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5eafb166-223c-56c5-ac9f-008450d1acc9", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd4165e8-3ba5-5404-9fc3-e30298723534", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-framework-bom 5.3.29-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b04be390-6e83-5bb7-863b-65ff7dbf0154", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e59bb84b-eb85-58d5-bcec-801158c16e1d", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7aa55fd7-2fb7-5273-abc7-735fc3414a87", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8ee06eb-c240-5260-a10a-e8985f7387ce", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3f69313-91f4-516f-bcb4-1d0297ace6a2", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e9d8eca-02a3-5587-ba7a-98d15d46f70e", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06c70a99-20c8-539b-8af2-b44799703a5a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d019ea9d-cc0b-59b2-b6a0-39e8a56b7dcb", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.29-tuxcare.4 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.29-tuxcare.4" } ] }