{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fd24a759-0993-5370-bd94-01a5bf243fe3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09807ef4-860b-5ad5-9d38-53986591c01f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:359b1e96-0802-526f-a08b-cf85a70851dd", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fdecbc6-06b3-5e97-8333-77a302f66851", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61cd2db8-a85d-544e-af81-425c3b1c8f99", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fb7ca4e-0a29-53cb-87e3-02597c3f627a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab3a1ec4-a56f-5351-91b8-9183f4532b1e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2880602-9f13-5d81-a9aa-3551489607be", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0fa222d-8535-5162-98ec-8bea948ee618", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec377898-0a6e-538f-a111-f0664bfd6254", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc94d8f2-1bfb-57d3-b431-c2172edd4c4f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac8d83d4-5b4b-528d-9dd4-90a22d97d2a3", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8263848c-f63c-5ff6-8775-d903692fbc6c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e3ea0ad-2683-58e0-86dc-74e30cfb8095", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3cca2d9-c7ef-564e-9cb7-379aeed65820", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21bd608a-72c4-502d-8dae-091a8b841411", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc7e15e1-6c4f-5954-a5e0-9645201e4d61", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63aaf52c-077a-590a-bb65-7832c76c1b57", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:110ebb56-f936-55c0-94eb-2d7cdc95fbd1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d8fb0fd-f99f-5a1f-815d-b2a76012f4da", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b1c08e8-e8c8-54b5-b892-af3c358360ee", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:774983df-2da7-525c-a15e-d661b2f2cae3", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae9973ce-27ef-5a06-8460-aaafa936b3d4", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65d78982-6c2e-5740-9fc7-db66e3eae900", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:155f3aed-d0b4-58f5-aef4-b72fb483995b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.4" } ] }