{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3a24b09e-a399-5c50-80bb-102f9d41dbdf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dac277b0-2e83-57de-8bd9-919abbee99e6", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4faa7f6-aa3f-56cb-b638-a5f908af691f", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed0dad89-77fa-5293-b35e-8c50e3ef5a43", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:822bcaf0-9d94-57c4-8008-207a73c89bd1", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e0be0ad-b80c-548d-9502-046fe15ab0b9", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dbb6fb6-4a34-52cd-8d5c-9f9015534a30", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ac79c86-616e-52a5-b1f3-215cf779a50f", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:997e4e2a-62ff-5a00-8db0-e340267f07e9", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74b7d5ae-a6f0-54b5-92f8-8a1d2b2f3a6e", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c603a4b6-aa9c-5fd8-83c1-2f7766c8f32e", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6114c7e7-f75c-505d-8abb-54ef02e14c41", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fc3903f-10a0-5708-8ed2-f0ecec2672d2", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71b8d334-e358-5c5d-a908-896bf00b3256", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7391f8f2-4103-5909-bd30-626567b2a5f8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:398e82bf-1d44-52f2-bf50-8d653adbefe7", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77bc2680-d9a4-561f-b740-ac8a735ed969", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4a0ead0-6289-5edc-a4ae-e587f99fcfb1", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29ef9cf0-2ed8-53ba-9920-ef7288965f6b", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea8141d7-10e0-5784-8ab5-466da467c374", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba53ed42-31ae-5b9d-a633-5f2f4068fee1", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c13de39e-d46a-5e60-8b82-709991c43b76", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf903199-ca15-5ba2-bf7f-d363a3095a7f", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fced287e-d478-5b93-84d9-abbd88aed8f9", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6b0d110-8a16-5cb9-a6b7-268cfb5eeffc", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a069dd8-455c-5072-8cef-3473b860d062", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eb201d4-3a62-5c1d-960e-75a328b61f97", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1917c822-9d62-5dc9-ad56-39303fa55981", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95433f40-d80c-5e32-b475-2dc6c8c2e0f4", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2517e4b8-d4e5-5c4e-846c-998c0d7c0922", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdca2584-4835-593f-b046-f2b32d72144f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6acae3d0-b934-50a9-a3d4-ed4a5b4e40f5", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a03482fe-de35-56a0-b6bd-e1e22c08b6a0", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47738bcc-6e3a-51ea-8045-163d7b601d5a", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c56d64ed-cec3-521a-9dac-0e5c2905fcc4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e46f303f-e5b7-54c7-a961-827ed762dd81", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63c7bb50-7b84-5735-aeab-5e96b9d48f39", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc34630e-06b9-541a-b1f2-b0e7c112e814", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff3afb5f-81cb-5de6-afd9-ba3b196bb9d3", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1433980a-6d11-5209-849a-5c0a51260428", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4837af8c-f4f4-5ed7-9cbb-5aa5c591e63f", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.2" } ] }