{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1b9d3f1-1b18-5b28-863f-b173bf50614b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d129d173-8d07-5b0d-bff8-c7d6d3aa0015", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd7321f4-e2ce-5eae-b9d6-de033aea96fd", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e008b85f-2e7e-57ae-9bbf-f6fc26a6650e", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c1736d8-be6d-584e-9e1e-fd529f5299ba", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b8d0ce4-b4fd-54ea-b3a4-4b0e92985bc4", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09b92dbf-aea9-56ea-aac8-f4d19170fa18", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16ad785b-f0ba-5bda-ad2d-3edb0d0aac4f", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f5f8f81-09b5-520c-abf8-f6bfdf5ca7c5", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4597eb7c-bb6a-5b9e-81c8-a9000c61f339", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2872eaed-1208-5031-9041-9a5c6659f889", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea079eca-1c5b-5754-b054-6c4d6c966a8d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ae7e3c9-e4c8-5299-b72d-dadf568e6bad", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f7fa7ee-280f-5408-9b17-fc5f7ac96f66", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7fd2f5a-ea9b-5a0e-b393-5adc17fb1d6b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7a997cc-84bf-5dd8-883b-6d5e000047f6", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebc1e450-149b-5651-b7ea-cfe69c1356c6", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:929d0dff-3949-57d2-b6a3-205e461d77b8", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8411e906-b8ae-5629-a588-19d513211623", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c14ecfa8-7e50-5e6a-9d2d-815953782907", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a09c3ddf-888e-555c-8386-68fdbca5bed8", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:067666c0-4119-5f57-a897-5cb649c67a14", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a7d5229-24d5-5fe8-a46c-b8c7e5c887c1", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80c749e2-6358-56b0-9c06-8497ce7c4321", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a16aae1-ffeb-5bf6-b676-d687d3c57ab3", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9abbfa37-b31f-553c-aa1d-a6c006e9894b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f065401-eb29-50bc-80ab-ed69be5ea222", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3be8ea38-65c5-5d14-95e0-ae44216d402b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8ee343e-3321-5209-b7a6-ecd1c160120c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.1" } ] }