{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a9cc3e20-3773-5bd4-9f2e-ce44ab685673", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "6.0.23-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:62f019e9-d75b-5537-9e12-705145b88715", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da1de6d3-185e-5334-ae8c-cd946246c9df", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:834baee5-d503-522b-be9f-03d9d3c5a22e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1866bd07-4330-5b5d-957d-be8714c610ea", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf3505df-eeb7-5f7f-a8b4-ebdc2c288990", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e3e5db7-febf-55e2-bfa1-121ebddf71cd", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ace56aa5-d109-5d9e-ab43-171689ec3fb2", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c623859-b745-55a7-b2f6-7aa4f685f243", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fdc33bd-38f7-575b-891f-16bed711a4b8", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27de951a-eb0d-559d-a561-899188953e41", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ee39d75-cc18-58a5-8509-e1ffb686058f", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de56d450-d44b-53d8-a34d-df017519fdcc", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c757418d-59de-5ca0-b4a0-4529529ce553", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@6.0.23-tuxcare.2" } ] }