{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1e5f409-c981-553b-b9a3-4d712cdcd85a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-framework-bom", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:81b2248c-5ce6-5c7e-8606-53d8c8a23fee", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27f42289-c9bf-5826-9c69-ca0f7c5a4885", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ec8770a-c4fb-5ce1-9217-c4592648c211", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f74ec3e7-6ea3-50cb-be15-335de38af369", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee693c1b-0493-5292-b365-4c95dd4e50c8", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:177bbb75-b79e-5ba1-99c6-8790aae559da", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63b043bb-1d3c-54c0-b490-d8b86df9c8a5", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba4b2f82-2750-50a7-8a21-4e544ec7504b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0a5d9b9-0747-5d9e-a786-fe8d08c0ee5d", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd55fbd2-60f4-50ce-b811-e0c06424d297", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:598636b8-2711-5c2b-8b15-3e7888c46a03", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:648b1979-bf85-5a0a-b5f0-a7eb7f04e333", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b7c84d9-e006-5605-aa04-d0eab237d76c", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-framework-bom." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.23-tuxcare.3" } ] }