{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6b0ac9f4-ea4a-5ca2-ac35-5241a505d052", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:190c78da-4446-53f0-a010-6375acd7d8d9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:600b48a3-34f2-5b8c-90c7-b0bb571deec2", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dc809eb-3d17-54eb-93db-98b17c497e01", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d38e6546-afff-574e-abfc-ddece2139197", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a167ba9-ae7e-580b-8c9f-860dd1fa580c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3fa25e1-b44e-5191-836c-0b28fe892713", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6023d97-e577-5796-9cc6-7c05092e7b45", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2f48d89-c64e-5996-b020-9fe12adf1522", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d25fc621-aeeb-5e9b-8421-2aa99d0578ca", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45eb5f89-92b4-5c0a-9cb1-6e7465a82142", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1db96256-e9cb-599d-9122-9d95d7d872e8", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:585f13af-b60f-589d-bbcb-46b6c9a18fa0", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99b4de4e-403b-52ef-aa25-b4d40418d1d6", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff0e0f59-6915-555e-a18b-b1b11b85d833", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38aa4405-ecbd-5f7f-bbfd-c515cd68396e", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c55a15a5-e198-5bad-b063-332f672a2a2c", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.37-tuxcare.4" } ] }