{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9beccf72-d0ca-575a-9c0e-f218f906efa7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring", "version": "5.3.30-tuxcare.2", "purl": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:abb2a1d2-9c57-579e-9e3b-349039200dbc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a0830c0-cf91-5ff5-9018-9e05adf8429e", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ed9c0de-eb1e-56d2-8d74-61d65d0e7d53", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17606ce4-5227-52ca-aa0a-7018969df528", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9d35ffb-b03f-5528-9eed-29ddf392c94a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06a1453e-8274-55b6-ac18-efe804f0185c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c9f4bd6-1bf9-57c4-bd0a-bee5d07d1720", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f26d3121-5bce-51f0-af21-f883a4b07c7c", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c20c416-58bd-52b3-a589-748c0d807801", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1593d89e-c5f5-53ee-bdad-4e322b9f1754", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5b20cfa-d523-5c0f-b76b-0baac1da4d86", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d5b97fd-9c07-579c-b3cb-21e02b2da35e", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ebec346-258d-5c7a-bfe0-b3c2d94a12eb", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e263175-1457-5af7-a5fa-791f3d5da373", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41c283cd-c6c2-5a71-ae14-97849dcf46f8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5a39c61-4ea6-5d37-bee9-1be272bbc057", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b072d7c4-3bb9-5704-9a6c-a450a7f6e984", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7aa8048-b48e-5973-be82-09133f2746c2", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e794cbe-a622-58b5-a118-3bd87608ad57", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.30-tuxcare.2 of org.springframework:spring." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring@5.3.30-tuxcare.2" } ] }