{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9dbdd28d-3bae-59c8-b98b-afe466408da8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1e467980-f34b-59f0-9794-ba8c64b3c40f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cf8d552-186f-5712-bae5-1bf802a3c280", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fac3c86-ec9b-5c78-bfb4-70babf146da0", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36dbc582-ec22-5bb5-8515-28dcf0953895", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddd80ede-f886-5586-ab18-f55fb27667f0", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1e16151-1ed6-5307-be49-f1e7a2cab556", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ba3d17a-4428-5e97-bed6-6eba52e8f598", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c97494f-2d01-5f25-91cb-0610424817b8", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14edae01-6763-5aa5-b18c-e81c1c71ba09", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b9f51db-08b0-5271-b9a7-0cd3d35c7d31", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0360baa3-06da-51ca-bc81-885a57b9f608", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:834e815f-b4dd-5533-a3b3-73fc1e822f10", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68b3a0cd-5d08-5dcc-871e-2b2319622882", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d411fed-462f-5482-a7d9-233f907079de", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:190b7b81-e484-5c70-8903-5f065b6e82d0", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb46e3c6-48e4-53a7-b8d2-ebd88ca8bd83", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:536cc766-91d2-537a-b453-3bc15ad3e48d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86792635-292c-50b1-a492-a8f41734e192", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bb5fca5-b896-55a2-b9f1-da3d0284ab9e", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:decc2d91-0cab-5511-a06d-00ea3d6440a1", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21cb7c1a-24c4-56a3-830d-9b0f02767702", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12def1d2-babe-50d3-ad7d-06232a18b091", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0972639-e981-5b0f-a445-b3e5989b897e", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f0a877b-5a15-5a82-adb4-d8e20584dd08", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e3b7263-ace1-5d76-af80-0ae78235f717", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80f279f9-e025-5fd1-b49e-4f1c4950f21f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5550d59-3a92-56d9-9826-20f324062c27", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddadf608-43a6-56e2-82cc-244b7e552e6a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.1" } ] }