{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f1faaecc-310b-5865-ae81-2fad89d52afc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ea5201bf-7768-5bac-890e-359bcd269d95", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f9a8f2d-2c63-593d-a196-480e8f0c570a", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c07bb95-0401-5b08-8304-66e397fbef19", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e65a61b7-ee87-54ac-89fe-f92861c73a2b", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bbcc000-8ed2-5c25-84eb-a01716d5317d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7ca9a27-6d59-5e15-9469-1a0a8b211acb", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2734a311-bb78-5dff-af17-926afdd8e29f", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36fc98ab-c1e3-53e2-8b5d-e555c13963fa", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:239f91e9-a2c9-554b-bc3f-3ed963216be2", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2634408d-6d33-5cde-a5aa-5e8121a39a62", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba450f1c-1fb2-5a09-b656-3773bc140006", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98e8eb73-6ef0-58de-b318-f236d6921e86", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66a9309c-d810-5615-9329-c16c381bef73", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d170b82b-8090-54ec-ae72-8c5ea25d3a6e", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9af0e6f-2e86-5e26-84d3-b8c128e90f54", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df76f0bf-c993-5f5a-a962-2769b78f22cb", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:439bd346-4258-5493-952c-5e92ff339b9a", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766db63e-57e4-538c-964f-866a60f5805d", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f961c11-a7a9-5063-bd7d-e7408c9f1f05", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b4aa4dd-7c54-5081-bda8-afee76886588", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90993e51-34ea-5b2f-9036-c4d30d629fef", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7a60e91-a618-539c-bc10-eced0ea5b4cc", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.24-tuxcare.2" } ] }