{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c4148e0d-4b41-565a-90fa-c0ecc39bebca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "3.0.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fbd02d1a-d96d-58b6-a0c8-242fea60cacf", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64df9d4f-2c86-5c1d-b9ce-4054aae507f3", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ff4c5b8-2dcc-5552-a906-d385bedfc055", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c5cd61f-b6a4-5118-bd6f-3591403baa61", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09af4d24-1d97-52d8-a685-7b72108a9c1f", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2af43e66-a6a1-56c8-a6c2-52d167eca061", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00c58e9c-8ef5-59d3-b679-42fd62a47623", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb003557-d598-5eca-b107-6207ad8b72fc", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:757c9ad1-f0ca-56b2-a658-5033f2ac7244", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49b78f43-b35e-55ae-8966-82b904f93ace", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f97ba5be-637d-57ef-922d-7624c0bab923", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9e4a670-8cee-507c-bde7-14e595de2ea0", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c2e44b9-efeb-571f-898d-53332bc0c77c", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87e1554d-f616-55f3-a484-138451f06d1b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a14b662d-23b1-54d0-86a4-4876cc52ad04", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19278ff7-8190-5318-b250-ddf5388b27b8", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:541835d3-833e-542c-aeb4-221700702733", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16f33860-78ba-55db-b85e-16e6619a6302", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e3c5bb3-bb8f-5e08-89d2-4054e0533405", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3943e066-08dd-5879-aaab-bf1bd71d45ca", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb740c9b-6ba2-58e7-a9eb-b196b121d60d", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2eda9b3-af75-584f-8cae-d4b50cc9778c", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9290ade-459e-5e49-9a6e-1b5bcc6d8cea", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8a210fa-04aa-51d1-bd40-358871e3b2e0", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9590f485-4669-52f2-999d-87d7d88df9b3", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:162b4131-cc1b-58a5-bcc7-72cee9871326", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa4be0e6-ae73-519b-92a2-3aaf749816c5", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea9e7285-3d53-59d8-ae8d-3a297778d4af", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a34368a4-4cb6-5821-b637-70af8ffde73f", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83dc8cf4-5ef1-5802-b26b-eb177664861b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b6a0f9b-f5af-5802-84c2-f56ed524945b", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a578a91f-3ec2-5f40-a796-b464e91c729b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0af3bd1c-2f1e-5579-bb21-7b2b5f9ff9bb", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26560df7-4023-5ea9-befd-2ecb23fdc4ae", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:328e6c85-23a8-5efe-94a6-e792a147e372", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35f4aad8-b09b-561d-8aea-c267b51cec94", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6d9c14f-d301-5200-8741-5259af15a28b", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4989e9e-c79b-55e8-a6e6-52233be8d1ea", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3957997-77ed-58b8-a94b-1151042b5a43", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca861be4-3e4b-5828-af14-e326ffa12b17", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@3.0.5.RELEASE-tuxcare.3" } ] }