{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ae0a87dd-b36a-5495-bd71-7b62650bd0a2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.1.20.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dc6642c7-9194-5b5c-a9d7-49c849fbb8e0", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:563b6b11-cf97-5b79-9cb0-c85a8973d429", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db839ac3-5ff2-57b5-a9ea-2eaab1e1d385", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8286fa2a-6ac6-5753-a10e-5833a3383dc7", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03bea702-a6d7-5810-b4c1-45c30b4bb909", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7e11d7e-2f34-54d8-8167-72a60fe4f74f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7f5c18f-4da5-50a5-b38e-4b2667ca873a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf95acca-dada-5daf-bffb-0680b838aba0", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b9709ff-f9d7-5a47-9749-beeb384f2e42", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf0d2d3e-0816-53b8-babc-a486d28dd4c9", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2353dff-bfdf-5cdf-9060-455a18f55796", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fbceebf-7313-5975-b462-beba64992794", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b86bb0f3-05be-5ae3-933b-08e60ce42aad", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:759cdf9d-be3b-5034-a5c7-7d91a9db681d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:948708c2-9604-5a61-8a73-7fdc1a3a99ce", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f529043-ac1d-58a2-8b50-aa00606686d5", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webflux 5.1.20.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbe3dd78-5ed0-536f-8d2b-354faeb63b55", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05e52b51-4d3f-5d6d-93d9-2d42aea4ef25", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1a123f9-2041-5ca5-a3f0-5c2118a3623e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97c96ecc-5d49-5aab-8a86-370531fdb1b8", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:003f4a27-449c-5cc8-a00b-6e53ba0dce29", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84c41560-bd6d-5a15-a227-a7d8a983e551", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43f7650a-0ea4-5509-af82-85198ee119cc", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56fe3be3-048b-5dec-8b22-1b2c2a6838a4", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f712494-42a0-53f1-b3cc-9dcf9eef5c22", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.20.RELEASE-tuxcare.1" } ] }