{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c1ed50c-04f9-5acd-a21e-f5a2f8e94a67", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:29b90dcb-8b36-5e5f-b69c-38f955ad561f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6876922f-88c7-5087-954a-2b0f96b8ceb4", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10b5036d-7e10-56d5-a953-c4fa16c00567", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b22ab676-5132-591e-b9b9-a8dfb462fa13", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3bad7d4-477f-5cc0-89ec-76454e77de3e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65c3527c-e277-571a-8aec-6b039c3ffc65", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f200009-90a3-5a66-b627-3378c72cdc89", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be8926aa-6141-5724-b37d-c9c69f59f2eb", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:750d1866-4cfb-5919-b183-888c1c7e401d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb02b30e-fc81-5c70-a93b-0988bf29d3fa", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:129ff11d-deb5-5ff4-9e73-5274a80a952c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62b57abb-77d6-5cb5-82f6-72623d14a852", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99fb3b37-35d6-5cf2-8c20-8c58677f26d4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6c4ecbe-b2a4-577a-943d-def39c974573", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:692d6c61-1934-5bdd-b940-020b1b970ed9", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f991493-789e-5dd6-8b2e-03ac0bf5ad15", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fcdade5-d515-5791-894d-76f1095e9e30", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webflux 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4514fe0d-db90-5cb5-8fe7-816c499100fa", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66bf389f-6816-59d4-a750-7f88e18fa1fc", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0a71c4d-4b32-5747-9eb9-623fb396a1e4", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a949958-5781-5a01-966e-74f2a18ada63", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a2beebd-8573-5414-9dd6-66efe6f66285", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f06a244f-427a-5907-af25-31e3236c60c1", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed0b7914-b820-5ff2-acc8-02e52ad99b02", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:588f8c45-9a23-5def-9e20-c4ee3eaf1336", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c08bc234-0df8-5f52-9664-325404fe473b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b1a68e5-6e82-5ca1-99e5-c4d507f4d1b7", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdbdd355-1974-5cbb-94cf-88a13c8e7c07", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23ca387a-d0f6-54b5-ab0b-61cc654a0648", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.1.5.RELEASE-tuxcare.2" } ] }