{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:04c89904-71b8-554d-a4a1-768f4fa13bfe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06499eb5-aac5-5906-8985-808fbf344b2d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4f1a2cf-0f8d-5f58-b27d-abe2d0ca68f8", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57deb400-165f-5d79-a053-1722f7a4e2cf", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7405d76-faa4-5840-878c-f534e251e0b4", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79b5eae6-aecd-5a85-944b-61cbdbfb730e", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a704577c-77e6-5840-889f-51b9dda6f80d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6202b51-71a7-5559-850c-9f160e870425", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba3966dd-d423-52d5-bbaf-9135faeb25e9", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:623b203a-cc7b-5a12-948c-b81955a6148a", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b55f71a-bf9e-5875-9a27-98885e3e66ae", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7236e913-11ec-5b06-ad93-78bcbff1e83c", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1f69a78-9487-5881-82a5-ac5a21969cea", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c228f6af-7e36-5c77-9673-5a060ea3f002", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:390f1dcd-1c94-50a4-b6f2-af4838a6eb70", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8d94f7e-ff68-56ac-ac28-8a9d8bba0d37", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:256bcfae-b92f-5438-bc1d-5d38ed958d54", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.4" } ] }