{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fb035a5-bdfc-531e-95e6-9b9f9b8b620c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a829796-b6a0-5cbf-ae79-d07f948119aa", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4561ba04-970f-56ce-af5e-39a2940e1966", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19a42e17-9eb3-50ad-8d26-3d8f1e0075ff", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:597892e5-6417-5cd0-9c33-4235ab483c6c", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fbc386b-713f-5f9d-af9d-7bfee37d7395", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0618fdbb-659b-54cd-afca-075c12ad2af6", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9ef4030-7aec-5e7a-ae5c-a2251160aaf6", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3af08121-c361-5afa-b4d1-b7cee1cb1606", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:248a1108-fbef-5ea0-8343-4ee8800f4577", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9ab3e04-aaf2-54f8-b9b8-edaf0d19b006", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6bdc33c-66f0-5f8b-a7b2-205af75fde91", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ad794ab-5011-5115-89b8-e5cd8e78ca38", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dea51a94-137e-598c-a5d5-6d50b7f3e09d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdfa0e2b-82b5-5be2-8962-6f29f10f0233", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56ab5e1d-db1d-5813-aab2-801a8379053f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6c17d34-aaea-5186-88e8-f8fa9f871624", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:205ae307-61fa-50e9-bdce-262a0cfad95d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5507c5c5-4fcf-5a5f-8146-0be2b7daf70d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2336adf-edb1-55ba-beb0-7b243c3487e9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82a2dc8e-ea4c-5d3c-8844-3fa45469cd8c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46f5ea1c-8733-5a4a-b72e-151414b18040", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81e68c4e-7cd3-5150-9887-b3043dd05744", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fcce27b-c2c0-5a62-8b13-dfb8e67c2c4a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b24bfb9-0102-5a32-9608-ce5257542a94", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d75265e-ce68-5a23-934b-094254d69be7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.3.30.RELEASE-tuxcare.1" } ] }