{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2c783a6b-0460-5c15-9013-7a9d5b05aa75", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:236fd98a-46cc-5674-a488-b1c95ad17b59", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:641d1011-870f-5bd0-ab26-406e00d71595", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dbb08f0-d1d5-5b4d-902e-a656f8797374", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f70e59e9-3021-5a7d-a73a-559ac72bbd94", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2918114-a282-5bcf-9f4a-a2559d287f51", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40979c06-58e6-5e85-bdb6-dcba99a17fd7", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c8c34cd-f46e-58a3-9b9b-00b1133ca4a8", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e72f5bc-dddd-5e4e-8056-65e52965b4c4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94a98f70-cf1e-5854-bbdf-88b685326796", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11935a3b-41c9-552d-accf-b3d367fe4667", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02e07c0d-6eb6-5351-9e11-893831450dbc", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70d02dbe-062a-514e-a037-c845d5b0769b", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57492299-91b2-5221-8530-ad63b69e8bbc", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfd50d9b-f737-5c1c-9832-22b08e7e1530", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:840054fb-dc61-50f6-99a2-5da8757caa22", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03a7fb54-c2be-5f12-8cbe-a0fd414fdc6a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2e7a887-f7e0-58fb-beb3-5b6ff6568c63", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ed49dbb-d7b3-5a73-9c28-3ad832f77b87", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4121e5cc-d530-5112-8281-107961f4ccaf", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5899fb5-f27f-5695-b729-d41d82c985a8", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0be32c42-711d-5bbd-baa1-94f218fcf77f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:822964d4-5b04-5aec-a60f-5221537eb8b3", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f11bee3-8c58-5c1f-9c17-7f076f0cb2fa", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96b8cc32-2efe-5b75-b49a-585aafedeb54", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.4" } ] }