{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7ba8a87-b878-5bfe-8d6f-d62a9625acce", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5be763a8-8d0d-5c28-b423-4388950df2f9", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d352a7ac-4b1d-5d17-81c6-5c5543d5a300", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aef85658-202a-5211-8413-38050050de27", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffc97965-0f71-5e78-85e6-39de50da2790", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0b23ad0-8442-593c-9c00-0d16a22dd802", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd968e1a-0e6b-58e1-9bd6-4a9efee404f8", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58a643f5-44a6-5931-a86f-db8cd28425b4", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc17bd0d-3f66-574a-b84c-6fa444cea111", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ed5db31-b891-5570-a54f-deadfacae30e", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df2c321e-19c2-5d0c-a4bd-1975fd6e5951", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df41396d-673e-5908-998d-32b2f596191c", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3db1a6c8-4fee-5a80-a95b-c7655cfa702d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12b18a26-8b3d-530b-a86b-21d4ca56f0cd", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:873c41e8-c1c6-527d-af8e-88f95179bed8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3d7bf75-8307-5eb3-a4b0-af76c8a90d34", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07c8f613-57ec-5ff7-beec-8925666b72b6", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:290a3a7c-6005-56ea-9076-34535ae97e56", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9dd85d15-5b14-5781-975f-c8bc3d11f245", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f75feb68-51f6-5c06-9cc9-ac76b011767c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe0d1cfa-3e1f-5223-a88a-9988bbb1ebbf", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11980595-c1e5-51ad-ae69-286f43fb59a8", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27e94440-764d-524e-bb5d-4c7180d03c67", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0495d5ab-9d1a-5e24-9b17-bcf7f6cdecdf", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e61fc5cf-c555-57d4-9021-3a19a2179889", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:731fd827-cd9d-5b75-b6d6-7f17506b5953", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf370059-3aae-50a3-ab58-fb54b7957529", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7121e97-08ae-51dd-b2da-d96d1c67434f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63b88381-8870-5a2f-a63a-ff162e6c0c9b", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9c1fa83-baea-5ded-b5e2-6409eb86ecae", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:052d669f-9252-5c14-89db-9b7ca8579f6b", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.3" } ] }