{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2b5dfbd-2b70-5c90-804f-63e2381a315c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:89514659-9cca-56a2-bb5d-b8e53d08f8f1", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47613f84-830d-5a4d-93d4-0359939651a9", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a7307f3-2147-5560-b166-2aa5a587ba4a", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc8d17e7-3af8-5cdb-bc72-fc00111f1cbf", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:669c6964-d681-5a02-b13e-8fbaa2c06c98", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1028d4f6-8a73-5dd3-99f3-d2c0297baca9", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cdd6b6c-ab68-563f-859e-5cfd0b3240c4", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abc81d4a-4478-5969-a3fe-6950924ea760", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08b663af-7216-5b42-b53c-ec23d095a791", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:860ad2df-83d4-57f0-b0be-caa134827f89", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f08f518-e3d5-5d93-b354-40349313c754", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebd48673-b4a1-5cc4-b183-614f4899fc4a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22c53681-bf66-53d1-bca4-5f6de3f877ac", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae68604b-d6e6-50fa-8a4f-517a3d4534a4", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f427b9d-4022-5b2c-bf83-dfa5707123d8", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7d70111-19d5-59f4-a3e9-f51b2a39fcc0", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e57199a-cec7-51dc-a5a1-64bd5def227d", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7841dd2-3b2a-54c0-ab16-188995978296", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:222214d8-d9b9-5b54-b3eb-fbd502c36399", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65452aeb-e74c-5778-9721-876ee909e605", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27ce199f-5c40-525b-aa57-f59233a10721", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5d0575f-0dc5-5631-9ca9-6572755178cd", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d35b200e-4b07-5c27-9668-8e86f8c24313", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0f7a1c8-9921-585f-a8fd-c9ac655ac6bc", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f23b8001-3fbd-5fb8-ade7-22829c2caef4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edbb977a-ca1e-5740-88ff-e5aa69ab997d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f964c7bf-c260-5ba0-bd96-5f69a337ec0d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bda13e3d-4655-5618-b1d0-e7f48364f9a6", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faed14d4-d1c1-5f52-9420-e6c51c28b23e", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58d92edf-14ed-5eed-b720-f23f40fade21", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec8d4c11-9f42-5fc3-9c9a-14c56dfcf131", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d9d80a5-6b24-5360-9b2f-da0537494859", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82f28856-02b0-532c-8559-a725f521a657", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0b2c44d-1a6f-55b7-bc7b-1a7596421d10", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4811653-78e0-57ef-9a7a-860316e193e5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f479c4a-c36d-5dc0-9913-4568ef9241aa", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07f90332-4b1c-5361-8f65-f60d63389922", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31045765-43e4-50cb-b2fc-11b3bcde0bad", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0aecf7e-65c6-5841-803c-5b444c7e7b35", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:360f85e2-7a78-5bf1-824a-e39d89567571", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b5670a9-3abf-5c66-b355-731c87f0e81c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:571ec2fe-7aba-50dd-96f5-bb7eedca9abf", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1be1827a-5458-5c15-aa13-ae8be2d12dff", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.2" } ] }