{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f8663bed-270f-5ad6-b188-f2df4473092d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:369b67a2-82be-5f35-80ec-a084e5657ede", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bc403c7-ca78-520b-b1d1-cbc06afd3874", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf9d5dbf-0ca3-52f5-9a41-93e96da9d254", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d66f7aa5-49f7-5619-9838-34f0d7bc41b3", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebc053e2-1cf3-5a93-8230-680f806f3116", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba1259eb-a22f-5a27-a6c5-995b2ce10c50", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4086914-7970-53f5-937e-e69e7eed74e4", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d10ec23-9b8f-5a69-a3e2-89869524a09f", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8a7934b-3263-5c9b-968f-4cc0debae228", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eca783ab-9429-5723-924d-c5c1f388d862", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80f48405-6dc5-596e-8d96-3f854bbdadd6", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99156caf-cdd2-5576-8d31-09327f67d3f4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8502a5f3-da04-5746-8b93-f886ab1f864a", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4432699-71fe-5676-bfdb-a8e0ee4ce793", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cd7fc4a-6151-5141-ad3d-d0bd7c10bef0", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc444db7-a05a-5c79-9da2-7c7228ba1855", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20d7765f-29b2-53ae-adf6-64f04c7b7392", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d95603c8-98ff-5b3d-8d50-ffcda76a9909", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52c4fd1d-6749-59f7-a821-1d26b4460511", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cca5a520-4aa7-5da8-aaac-ff51d528eba8", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37ee89cc-1914-55cc-a474-9f12f0fe777a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c41cdffc-4e80-5845-9305-ccb2ea5a3f3c", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a7e1d0e-b80e-5db3-a692-b1d6b23509b9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c41ff8d9-4f5b-508f-b771-db6394d9b1df", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b9c8748-c71a-58b8-ad5f-80105fd3fbb7", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1437fcce-8f88-53ae-a169-245dbcc4f664", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9527c7b-6b65-5181-ab0a-9b48a34a1613", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d70a2b2-4ac3-5c16-be01-1834d3b98e17", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27272d0c-8f1f-57a0-981e-a2261c88cb37", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f60f77fd-ba1e-52db-a104-75e06a69c55a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d16f8314-1e13-5a11-aa46-39a06236fdc6", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:128fd690-bd9a-53bf-b0dd-f555d9975223", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c64ddf9-e076-59d8-b3b4-94a05c41c357", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcdd8462-d6b7-5636-95f2-06391066e7bb", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48fdae92-7649-5eae-a9e6-c5f4aca439c3", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82bd919d-9fd8-5399-8bd0-64dd819dd875", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a73e3b34-956e-54d5-9605-3150d8e24143", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b202edfe-8f7a-538c-a9e1-952336e6033a", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0453831-13aa-533d-a4dd-7844d73ce640", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae8da703-192f-5508-b1a0-32df5f98bd9d", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-web 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17efcac3-c2bf-53ba-b8f1-d6c9c63094a8", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f46323f3-291e-5e3b-b63f-73a936bdd1ef", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@3.1.1.RELEASE-tuxcare.1" } ] }