{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ce53712-b5ea-530f-8489-6d9958f9e718", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ebfc7e6-8739-513b-a87e-d304cceb7745", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4de4fa2-b97c-56a4-bc0c-d17b25c54d7d", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccc62e41-4ec0-5208-a831-ede53545bc5c", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a47f7624-4472-51d2-a19d-5419c767f201", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e2ea786-8fad-58ed-b0ca-c8567990463f", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3b5e783-3b50-563f-b77f-390dcfcf83a6", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:884e4c90-bfb2-5f62-b4cd-251583d075d3", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aa759e5-70f1-523a-98ff-937cef6c4fc7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c50b2488-3eb1-567d-9cc6-5d4e3cb66abc", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0977951-5d9d-5790-a7ec-82189593f26e", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:189a65a1-0bd8-5801-9667-9af0666b7e42", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aacaf5cc-6019-5361-9d55-01369e32b956", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b0977cf-ad41-56a4-acdb-18acbadc5236", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-web 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77b676a5-e635-5733-b4fd-bf12c9508fbc", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9573a6c4-ffa4-5a99-844d-2734688e554b", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd54119a-9f09-5263-b3a5-02150023d8ed", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c16b2340-113e-553e-88c5-4b899f269c19", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee1bed4e-f75f-5bab-ba87-971a9a6559ce", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa6b85db-6a76-5d88-96fa-482def2cc0ec", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d8fe562-dbb5-5b1c-9dbf-55bd7eac5452", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9367883-5c91-5ec8-ad4e-21b6e04e1ce5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9f3c23b-c8b0-5cef-a956-0dd75736ad7f", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebad6984-352f-5389-9b97-c09c59447d85", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd00f1a7-0d08-50bf-99bf-b66badd25a9b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb2fc86-e756-5152-9d73-00b126c10f7f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b9e1d46-d53f-54a4-b5c4-90d547444c68", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46b267c3-ec82-53dc-abd4-6b6e43c453e3", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75fd479b-f406-5750-82e3-88c0480af401", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9b2d6d2-3c97-52c2-9128-34d5e12e164f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79425318-c2dd-57de-8848-3e6ddc837c2c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f7ceef6-bd0e-5a5d-8a30-577fef2b249b", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbff8136-cc07-5f65-8793-4880bdb0496b", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d80833cb-0e44-5a89-9068-13812d42266f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97039bed-36f8-598e-92c4-7da1a836cb0b", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1503e06b-c9fc-5cd4-83a5-74d5ce5527f4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d09d19de-4f8c-53a1-9aad-a05889d8ccc9", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3ef9ca9-d1c6-578b-b6f0-dcb6ccae3a08", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf4b8dae-249c-52a6-9135-05650d3711a7", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d15db6dd-7603-54d7-8880-e8630fdfb85f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b23baf01-3ecb-5af7-9727-00e24af4c7e3", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.0.0.RELEASE-tuxcare.2" } ] }