{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de177bcc-ae6d-56aa-b96d-7b594757654e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.0.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:464b9f6c-a25e-593e-af52-72dc467152bb", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebeb5f1f-714f-5033-8877-36d5fd645a6f", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20ef95f0-e455-5045-9fed-7efc570489e3", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:deb1f9bd-5030-5c6b-b7bc-5e33318b195f", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4024381-df11-5cfc-9322-73bb01ea2172", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c22006c-0b9b-5a73-9cad-1c1e15432570", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adcf948f-0f76-5c5f-a8c9-09350790442f", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ea79042-197e-512d-a5e4-6c1d62c852ca", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a88c89e-26b6-518e-8987-28b4bc742780", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:024ec048-6ae3-5e8d-bb05-8e2e724694c0", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac2eb966-be37-525b-9dc7-81851cee115b", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18af5ade-0cc1-504f-b0fd-3b9d0f4897cf", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48f29890-3706-5aeb-b218-4708863b98bf", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc-portlet 4.0.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1df57d07-8c5b-5b9b-9463-ff7f342518e7", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a897960-0867-5c4e-bf18-f17b755d09c1", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4b53af6-1866-5cd2-ac6e-9924bab8f143", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bf7a05f-e715-5ecc-917b-b28aa8d256e3", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80f430e6-77e4-5693-b2c9-4bd4f136cbbc", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:079e5f35-b5d1-5667-a7cf-3d6334a1c5e8", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b17b0063-f72e-530d-9c4a-6ec7c207005a", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38a7e8a5-4bb3-5d23-916b-e8cb78b05d48", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c87d8e0a-eb7e-5c7a-aaf3-30222c1e2261", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d5921ef-750c-5eec-8a4d-f4739e3ce4bc", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcf0d288-73fd-56c7-941f-48055b81fd36", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:979ec704-7e09-5a30-acdc-1f9541edd68f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac9ebc8b-e60f-56ef-bd1a-bdef7d2ae2e0", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07df4800-7a2b-5508-bdfd-a90794c9e049", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbb28e64-bec5-5d38-9b11-5bd2e5a16eb1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c1717c2-460f-5dc5-b32a-94f891d5da27", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5967e692-82df-561a-b315-f3358032b1b0", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1cac981-124b-501c-a886-097881855351", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9880b1fb-694e-5346-8f54-143fa6b16385", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdadd7c5-6093-5187-9d06-191cb271901d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdd1e22b-e98d-5b74-938b-50807f9989bc", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a9fb4bd-b07a-5943-bc46-0423acbfe2fc", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25b97c4c-7271-5cf8-91b5-23c05ad75e12", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f50ec1b-7576-5370-b16a-c683af3d1ccf", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:759985ab-4784-521c-9017-2406ad00a46b", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a98c4bc4-a6af-5d7a-a05a-900361815ddc", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d49f380-7984-56f0-bbc2-4af69670c85d", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d22870a-724b-52c6-b142-1d5c26b75af4", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.3" } ] }