{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1adf77ff-d660-5372-8f50-05357a08ac4d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d861de99-8928-51d1-ad5a-d50b30e147e8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da34d171-18a5-5fda-b919-c75ef6b1b756", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebddb402-9e04-5b54-b7b1-af638317da1c", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fcb13193-c6dd-5f29-a418-8ec4ed7a14b7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9da004c-e022-5d83-98e4-ac6670102e19", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa777b96-b276-5d7a-bfe3-ab5d76d71b8d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0a00a3a-e163-5600-b03d-98ac0c4e3b8c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cd8b35b-cb9e-5573-b4a2-4c4b272fe87e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0020bcd3-a139-5e7e-9b91-89f3d7525ef1", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d4c7d87-3deb-5eba-8ce1-da965611a325", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:959f3f48-7ea6-5a5d-b50c-439bf23b97e5", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4caea5ce-289b-55cb-9b8a-9d4ab2201dd8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a201b4d-1d31-5623-9d1e-9f74a7f98caa", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0ea38f8-8174-5e18-8a9c-a3f80ffe1dc2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0dfeca8-49fc-550c-8e06-cfb72ef99e75", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7a1a895-2d72-50bf-a20d-4102eecb0bb0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:158fd8be-f0c6-5c93-9f6f-3ffb1bd0222a", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-web 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e89fc6ff-391e-52dd-b641-16b2c29cf1ca", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11dc3659-2605-5e16-a490-4586fd231225", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:227b4ba0-83b2-5282-8e6e-df85ee291b9c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a52b004b-f25e-518c-9b2e-4002f0425924", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e833a771-1557-54ee-87f6-39651f4997b7", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6abba2e4-738d-58d6-8c65-322015e95c09", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:502744fc-9974-5c43-b138-425beb10e458", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3edb0884-e93e-556f-bb09-379ca5475750", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:185d8400-5052-59ad-9df7-03f29db892f4", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65a9e088-9860-553b-b7bd-d309933cbc51", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5213a60f-fd9e-5eb4-a27e-c932316701a8", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:996369fa-11f1-59e1-9100-9f06e80e3c8f", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.2" } ] }