{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de337c6e-7a5e-5fd3-96a4-edcaa2f86f3a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7026e5d2-d037-55e2-8316-9aee5729dea7", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b3cf05f-eca0-5cdc-82c4-2d0e17e374de", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d44d6a9-5651-553d-9034-fdd6345c126d", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d2dbba6-cd19-538c-a23d-3a61d85beaf3", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59e516a0-eddc-5926-9b73-b0bd218aeb07", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3b43f56-5ed5-517f-a025-848806662896", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b244a10-220d-5810-acca-4b963c1ecda9", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:383a8fde-248f-5ac2-90b6-63b752e8cc76", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:875a3360-870e-5697-8526-169e94a98c86", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9eafbd8-85bd-5490-baf5-387946cf9227", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb54148c-a4fd-5586-a483-757d6301bf21", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:575dffb4-f3f6-5616-9704-bb6b6b9170ad", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bd3d3e7-f2d7-5de4-bbc8-2aa55952ebb6", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96768f12-bbf4-5570-810b-a10f81b4aaee", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cabbdd5d-f629-5a24-879d-42a8cf2fc271", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bd0b6c4-69d6-5e21-9d96-aab927e9dbe8", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3f79aa9-3dc1-5dc8-ac53-38b2d7d5a257", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:219149ee-94ad-5e50-8db3-3df60be5061d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f15676ac-a52d-59e0-92dc-bad97a504dda", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc4d345f-ed5c-59b6-9b0b-cb2f8aae961b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5dae167a-99cd-5b45-8387-05ef9ea4e64f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5d3d562-6e34-5dab-b19c-661417e65bde", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07544a3c-d42a-5388-95b6-1901408422bd", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c95b3df-7836-553f-9d48-fd4d5b938103", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8d47e88-d7b7-5b62-b2e8-43e4c4db1437", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7cd69f77-c789-5c19-862c-fce66b612dbc", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61478c54-17dc-5e08-9802-17f16c6f6990", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8b1cdee-a3ba-57e2-8191-3211dca9f9b6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbb403dc-b4a1-5656-9071-2c636dd19198", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7ae620f-8517-5af3-a8f8-b5af51d09901", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.4" } ] }