{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c913cbea-de00-57e7-8cc0-e695b66f398a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1f994779-9c0f-5a1b-9018-cff67143271e", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e00be00c-c8ab-573b-b736-e9d707a97ccd", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48b5f201-9104-5785-8f9d-eea4d5f4b105", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5534548b-9e0e-5eb5-828e-bc19f014750e", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a14d0c91-bdff-569e-84e3-1c217ecdd1c9", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31c6c677-e95c-5150-b1b9-dd3fa3342c6a", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8af88d46-326f-5baa-8f64-2bbf0be7ad7a", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9abeefa4-cc0b-5bd8-907f-f52295b39c09", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:563330da-fa8c-54f2-b37e-2f59363e2caa", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e9aeb08-5cfb-5f47-ac3b-0032649ccb6b", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56298617-6e4c-5f11-abc0-279b94634e50", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e361b55e-0ffe-53ab-84a3-111bea586480", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a2006d6-87ed-5d32-9fa2-1528a12c1ba9", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9d181ba-ac0c-5a8c-b022-6141347bd4e2", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a654fb7-71f2-510e-82ce-3136af306bf6", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7071d069-a996-5da9-9bf6-ecb75eef8dc0", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-webmvc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4779dc6e-71b3-553f-921f-4e7d199fb0a4", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d400526-110e-58b6-84fb-5d563cb5f321", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-webmvc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac9633fe-df77-5358-8ea3-f8e880286178", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57871199-619f-5c79-9a3e-82cc0252282c", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0692a6f-6b8e-5acd-af39-077ee3bbf19e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de240d80-f55c-5cf4-a932-4edc21f4e9fb", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:632eacb5-75be-5123-8030-18a35d68a455", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:572c9d33-acaa-5833-812a-17c7ee03580b", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf317dab-3b10-5f4e-9041-05c7d5e6ec16", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffed985c-47af-5ce1-8c8a-4f9d617af30b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9040b68d-e64a-5a17-8427-ac016f8dfbd0", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08f316bd-9afc-5eb6-8369-e2d7d20a9e27", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37a09e21-cc96-5613-8499-2c55cc4630cf", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eef73eb6-4aa5-5937-8d93-7ef22f0eff08", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6135e05d-66cb-56c7-9260-25db77032374", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79d3492c-577f-5f4e-8816-cd3400d322c4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76e19eed-b745-5859-adfb-8c9855f5cda0", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:544c9ecd-6f21-5544-86d8-cb9bd112a74f", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac0a0545-0789-5c41-99ab-f651663dac18", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7ed9550-f83c-5be4-8957-847c3d0d0b10", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75036e3d-d8f9-5d28-8b0b-a710aeac656a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faf587ea-44ca-5773-8945-a91734d4644d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe550548-a24d-5b97-8e87-5cdb5016579a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:010e4934-c94c-503a-9d3e-3d47856fdc46", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-webmvc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2e4c103-99ef-5723-b8b8-317b1ac57d84", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50d78252-844a-5993-b2a4-47a46568aa30", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df0bdac4-4c05-5ecb-9e7e-117464e63ddb", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@3.1.1.RELEASE-tuxcare.2" } ] }