{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a3c6128-a8cc-5582-a3d3-9b0556acc2d0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd3f73a4-7fde-5901-9c4e-f16c85b97497", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be057a71-697c-5afa-9230-441afc06002b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8433380-bac6-5214-97c5-c296e9ae8c92", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1afb0cd2-0f7b-52cf-9df3-56decc4c5d8c", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21caa504-7b3f-5704-8745-43c725089973", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfe36f09-b946-583b-b5a5-1885861978e2", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdd47da3-e055-5a06-a893-c3a4ccf4e761", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d658d8b-4d60-5533-8c34-62b5f22f3fa2", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8965c904-9389-5884-9ac8-f68c5ae94b32", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:848dd1ad-137d-5279-a75d-3982b92c80c2", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d14ba8c9-4efc-5945-87ed-dc54e0906e33", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d6e23bf-6954-5fad-9b2d-eab722525b5c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:030566d2-2489-562a-84cd-0ff91e5d5985", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e6db719-910b-5e81-b3ff-4e848161b0bc", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f3217c5-5499-5d0f-b39e-521f61abfe1d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe1d2231-26f1-5cd0-878d-88a455dd20be", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84ecd030-6ba5-5768-aaef-47abe7dad53f", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1bf74f3-d29e-5748-9ea8-ba37f2be9cde", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0896d930-79bb-5690-8f5b-66058212e28c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9baa47a4-e27e-5f4c-b763-8ca8eb433e5f", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:420931cb-a931-5a24-8036-d057cc7ab7cd", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55beabc7-43da-5586-a28b-510f30b7a386", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a94117a6-8c90-53ef-af26-8e07293eb42b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b4109c6-dc0f-5ed4-8daa-09f155f021ce", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69468b5c-ffe7-58bf-85bd-2e345b122180", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4bb7e0c-65ba-521d-8f43-cbc2f84c597c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fec240b0-707d-5821-b26d-eb13afa68b2e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4770ba9-b95e-5679-872a-dfd1261bff91", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50d7faaa-a986-5c4e-9705-8c252beae264", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.1" } ] }