{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7cfc61eb-53c7-59e9-b46c-41c9d19d9b09", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd90707f-07bd-5d3a-a247-bdc664f9c79e", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87122efe-5711-56ec-abad-3c26e1a68be6", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78302288-f35f-50ec-94d0-8a6e6ba745dd", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8df7dfaa-338b-5afe-805c-4e1483f3c43b", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36871352-8baa-53ac-bd23-7b910a4cdfa6", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:323b2d38-255e-5227-8323-dc4e573a61a2", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f98888c8-86f5-5e39-a84f-1ed2178a6cf8", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d9b99ac-f893-5e9a-b898-b5d8b608a3d3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a39df3d8-44d0-51c9-9113-2a8f9ea31557", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63318fb7-3756-599a-9d65-abcda0cc44e9", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6ce61c9-f13a-5ca3-98e4-b325ddee18e4", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df9329c6-3339-52cd-9694-9a231880317a", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d134861-8287-52b9-a5d8-93683516394d", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-web 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:355570bb-4e7a-5229-9d32-834a7cab8675", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c02dd5da-6e49-57b2-a544-231ebfe5da87", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c7a3b4f-1df4-565f-9873-a36e8f0cdabd", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa9813ea-96a7-551b-a1a7-ea6806a121fc", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d65009ae-924b-5782-8874-1bd58176f691", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4d014f4-be02-5210-ac05-7333ff8bea81", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fab9167b-1c1b-5e84-9225-1c88d8025a49", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3148e4d7-3646-52e6-ab7d-610c280be910", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7396da3-b941-5555-b226-d0aa11f6b406", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f1f5a4d-994e-52a2-9555-4a5622ba0658", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce17a272-270e-51de-80eb-3a1f4ab6002e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da5af62d-0712-5677-a6cd-2b39b500be4b", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de835d5c-08b2-5314-aab7-56f6786407bc", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a2fb8c5-22ff-5556-9f20-dbf9f980ba1e", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6824639b-e685-5708-8454-904b73d1f046", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:681feb90-37c9-5b9b-9ad8-7bc817b148f0", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3668e2be-58bf-58d4-9b6f-8b1f7de7d335", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23e0446f-37f3-590d-ac39-44fb0e86f8e3", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:834bbd74-645a-533c-9cbd-eb2206b14f8b", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e4af30d-3c33-55f6-ae3e-5831da97a8ca", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc7c350c-04bd-5b7a-806b-621e253e30eb", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28d9ebbe-c51a-57bd-bc9d-278e854d625a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e35bf429-ea64-5c3f-9e0b-b7e3e7ab5c6f", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:980b6ab0-52a4-5d7c-9767-c0152ca35ae0", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77b43d09-7c03-50e3-ab18-dd7a99f318a7", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51863a10-1062-5628-bc71-d15cc15114d7", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63b928c0-eb11-5868-b941-a6bc0be4f84a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.1" } ] }