{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:646484fa-a1fe-59e3-9ac5-59e6dc1c965a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c2b81d15-5674-51f4-9639-a9450a228073", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8bc9042-8777-53e0-a2d1-9bf70b25eb7a", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dddc70c-abdb-5f99-8e50-74614b50b0d0", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:adb3e467-c1bd-51ce-9e15-b7d12728ebc9", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54aa0354-ddec-5494-b9a9-332cd99226c3", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79f75139-b938-53ad-9c07-a8ffb4d78738", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6d9dd70-d61a-5fde-b00d-b7758b285414", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d6507c9-16ea-5522-932d-4a2524663e65", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0321bbad-eb34-5a16-933e-36eaafe8fa96", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdfd2e2d-df9f-5c39-a5a9-26c8d3d11feb", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba5e3a3c-dfb5-5649-be1d-1101b0c7ae65", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48d3a374-d815-5e42-b243-d53064070bfd", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:389d8f42-88b3-51be-8b7f-c9f3ce49515e", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b5b321f-b9c9-5085-9ec7-f11026b518c8", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5ce6a95-7bcf-54ac-b954-5e0cd999a890", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff4e87f1-aeab-55ff-90ce-917e27a5de22", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b528b68c-527a-56cc-bcb6-a45ebb22a5a1", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:136ced50-d7a8-531d-a7e4-ea0d977bee5e", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a2cc7d4-9c5b-590d-9933-63df07600d24", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5775198b-3b9e-5b73-ba9d-b55e064b4a0c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:deece2eb-e0b6-5365-ad7b-9d2e3fa8afae", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cff6a176-6d3c-51f8-ae90-904907f36f82", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.25-tuxcare.1" } ] }