{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0754af74-3886-5cf5-93df-90989f26fab1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7a7b828b-a5f9-5aee-ade2-702a1d563a74", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80816b3f-0d40-56c7-8b90-1f1acdb190f0", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d135e5e-d32c-54b5-b750-facc10d9ce0d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7ddb72b-cf2b-57df-93aa-7f1774b5eafe", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8965292e-b80f-5eac-a99e-475bac4a379b", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e01b8cf-7190-5336-ab7f-acbfb72037d3", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:196ac1d3-7724-55ac-8072-7b66247911f7", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2e7b01c-57e0-5bb2-a3fa-eb7b19b5a645", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:374d2a1a-d6d7-5695-9e09-02859a7bee24", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:299543d7-fdb9-5083-a13e-be0615fc900b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf4543af-751a-5d1c-bab6-fa1e2dfa9e47", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06a78b0c-4fa5-537b-a733-e279e7da84f8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fabe0bb-3ea3-5fec-8fae-d79c36ebc0da", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55f20ed8-651d-5e24-abda-ba5acbe4fc7d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b7d3ccd-639e-576d-9e33-9d66d3d14081", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:058cca7a-1189-5d47-9d63-e2910f391a21", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd1f22e0-7306-561c-814f-67f4f8d37961", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4aa48f7c-c97c-552c-ba8d-deea3cc1d307", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9b2f92e-d164-5c09-85c9-cfab702e6b8c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dbb378f-2fa0-5983-bf2e-e7ad46903c82", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:676848f5-e4c7-57fe-89ca-a5f817cdcd72", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72914f92-313d-59c2-92a7-fb9bdf2f4b20", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa8c4386-1089-5acd-b431-019cd8e47d51", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2304fe82-57e3-5a83-8b70-f031b761940e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:032bbb0c-f157-5c7c-aac0-b628cf4089bd", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8a1b479-53d1-549e-aa47-2c32dafffe0f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f810b45-9e7f-55b5-b7b4-e106cf533a35", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb02c925-723d-5e46-b6f5-ffa20732732e", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.1" } ] }