{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fb5a709d-d8c6-51a3-880e-b6ab620dabf0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.1.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c38027c7-9c51-5d25-9a1d-34a54a62ab38", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:736164dd-b9d9-5188-a2d8-0325ee61f56c", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d668712-4ee3-5d64-a402-4839916ce08b", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22684e7a-f4d5-5384-9a62-e128162a2d8d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d461c34-5aeb-58ea-b3ef-c754ee9fc415", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:befe56ee-9ded-5249-a878-d14b77aacbef", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abec60bb-42f2-5d7d-b3af-5df8e3e2e39b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ff4aed3-fa65-5d2b-8b7c-f73843dcf0f3", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed2657e1-d670-5abc-aa8b-c6e9bf1665d6", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da33407b-1f69-530c-89c7-c94edd969909", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a83bdfd-6bae-55cc-a33b-ab46cd5a751a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab0f2741-cacd-51b7-bca5-88caa66061ad", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b75fd8c-8045-54c7-a4c4-c5c2f386e54b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b460ad8-548a-5c21-8624-cf36fd49e8b1", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6786b80c-5070-5ffd-8b9a-d5d2511bf6c0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b7986ca-9120-5c11-b997-a94659415ab4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3204f240-5512-5163-aefe-7eb59023fe37", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-web 5.1.5.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ef5e7ff-255f-59cb-9013-99ef704c3e2f", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cadb8cc-3763-572f-8e8e-17660937d77f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c58a46af-671d-58dc-ac67-c317be685b0b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07cc8ff1-d6c0-596d-ace5-be427bbbf435", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:677f5504-e790-54c0-a6f3-d5a5860fccf6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf3530b0-cec3-5155-b8d9-a126c64c0f2f", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2581fcd8-143c-55f2-a7e3-a5958e00956a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c2fcc89-cfe2-54aa-b2c2-f81dc355ac48", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fc0587c-a6c9-5e74-84db-5f601627a372", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c96125b3-184f-588e-ac4b-75746dcc938c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cbc5dbe-9bfd-522b-a555-ed163c77b37a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b80a80d9-e695-5a28-9edb-dc0e87a0b9fc", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45f58553-6290-5d69-bc52-6a462f3d9b10", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb4f5cb5-e981-57ff-bcff-96a4fcb810cf", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c96d818-dc2c-577d-9aa5-5cd22421c329", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:725bf11f-d94d-5e17-a4be-1d78d0c92b8d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd2726e4-90dc-5fb6-b6a8-a471a439bb69", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3791e39-1abf-5a97-aa6d-1ae5b26af37c", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cfe8666-8642-5d4f-94a1-1d4d7cef44b2", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6532093-5d7d-5013-b4ec-b3f1945f5106", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f1477d7-3491-577d-a345-931665197e0b", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec19f8a1-43a8-5719-83e8-c9a9d9cfddca", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73ce920c-1b01-50a0-b2a4-ddbf055a2260", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31106fb1-172a-5ead-9a97-762d54b3fa52", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89bff912-9713-5151-946c-ae544d9131b3", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d9c923d-5b88-5a24-99a1-e32d37cc5605", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e7eab75-d556-5f70-8973-2a0cd8c0a3d4", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d4894bb-14a3-5701-8cba-d707f018bfb8", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ee080ea-eed8-5078-bef2-078412df7e24", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.3" } ] }