{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40811a09-9b9d-5123-877e-c09db41b580a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae5495cc-2faa-5514-a3ff-9f31ff1d1f97", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bd3ec58-c24e-5a27-a01b-1bdafbcf7b2b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a2f6712-9b47-596f-a41f-7becbb424779", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ad2df13-6624-5121-8468-53a6e391d077", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b1ce672-ca6f-5eec-8a80-4253cfa8cb6e", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12235a15-e106-58b8-80e7-1b2ca499ff0a", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:635953f3-2553-581c-b7b2-39e0ad0a1c4d", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a8d1165-09f6-5fc9-900e-6fece99c065d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ed13e3e-6445-56b0-9a76-979d24c74b9f", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da965013-c794-5613-8907-b5f6efb21ce7", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c87386e-7e88-5beb-b881-32ddf8d4452c", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b14dfa20-f41f-51fa-a149-ee4f139a5784", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f411e9b1-e6a8-59d7-bded-a0fab31d0823", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fe1e347-8480-5521-80b8-d6b159d1fc19", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77797ca3-4889-54b5-8c46-bb6810043637", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fe6beaf-b205-579c-84ae-faf8bd29766b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed2a27da-cdb7-5679-975f-8099b077211e", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03ec16a9-9a89-520e-8480-ccf693ce9b3f", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d88c30d5-7c6a-508b-93ca-1993353ef336", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1d47068-79c7-5deb-8128-d41eecd26359", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b903697b-35bd-5c40-aee6-7c8877f9fa71", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e58c1b35-9364-5e92-943c-48eb37fa895a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09882484-2bec-5f84-9420-09bc5a9bb6f0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8111b12-1f85-5286-b388-772daa0562ef", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0668b419-10ad-55e6-83ce-05f6cfa44c88", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59bdf37c-acf1-5bfc-bbf2-b3371036a06f", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95d7d642-592f-585b-9e5b-64046202bb01", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19c3ff72-2690-52a5-9346-4a4ac5c07d6a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c9b6a7-e445-5d80-8196-89adc1f36491", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.1.7.RELEASE-tuxcare.2" } ] }