{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:39812615-593d-5fbd-b6bf-07bed47bb255", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "6.0.23-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa14b53a-eb36-5b52-866c-4d83f99d72ec", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a648eab6-7fbc-59ca-990c-749ecf1fda06", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da89fb8d-e540-5abb-be05-779132783ba6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98211dc2-86cb-5e4c-af8d-dc167ec6ddeb", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:393d91e5-c29b-5f55-a43b-35bf07bf2297", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3556ba75-d94f-5cc5-9ee3-0e9965231bb0", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5b5667d-f51a-5a80-b742-528f40863dcb", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce7dd78d-87e8-52d6-9d62-e34d78715f44", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5acbb839-5ee0-51fc-96fc-a6ba1175eb2a", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9a68ace-30b5-56d6-b6b6-adb276d5da81", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91e456af-14b8-5029-adb5-59a5080dd1bb", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7158da3c-96b6-52a0-9e19-e83d17b4d69d", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d89a1c6-b88d-563e-8129-a2e5fecbad09", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.2" } ] }