{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f79ae9e0-5972-5a23-a98a-51f11c5178c6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2499e9be-76eb-54b7-94d9-d382ec5fe978", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3233d0b0-194f-5f97-b000-5d97faf660c7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25109a71-59ae-529b-a160-9d10b92ea356", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8b1d897-db9d-5803-89ef-f391b75cf0fc", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9bd09723-e129-52b1-918d-0dd7a056a6b4", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8e8f7dc-cc66-588e-9db0-9c1e1d8494a6", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:619ff907-30b2-51a2-af6d-27827d226fc4", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52f0c31f-f068-5c3b-9004-e5f95f50707d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f5949e6-8cd9-5a06-9ca4-d6f4a842564b", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a32d27c-8dfa-5d6c-aa3d-1294e4015778", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fa06041-3c41-551d-9c34-b90afa1706bd", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a76ffc51-6ad1-5eb4-840a-c9180b39dc16", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:644573f3-2968-508c-b87a-e9eed903396d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da50bbc8-4cb5-5173-868c-5728c17b942c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1fa3487-70be-5b8c-a7f0-28e573c7d574", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b3a10ab-4bb0-54dc-8ba8-6ebae2638fb8", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15b9fe4c-d4c6-5dc5-b37c-2f2990cffeca", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a179dba2-8123-54c0-aae3-11db179bfada", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c04b64e5-d1da-58e2-8bb8-693b8a945583", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16dabc3a-a887-595a-acc3-313129e88064", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9b1683f-2fde-524e-aad3-e61d5d384aa6", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c80163d-63a0-5300-be73-261d2df7bcb2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f4581ff-a572-5135-9145-e1c38817fbe7", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8072788-1121-5f9e-844b-6b848d7a7e7a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85ba016b-6519-5637-a372-362bc16f0f42", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b626abc-2243-54d8-b12f-0621ade2c7b6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0811324-25bf-5214-aa1b-8cb38113f9c4", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26e08f5b-ba31-5ea6-94b0-4967c682f75e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b066792e-80c3-5576-95de-63a4e96e61d8", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d473e88-6203-5f07-924e-0bc0d28557a1", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.4" } ] }