{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6afe7615-6596-5426-bce9-dacf456c6b0d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9663f488-300f-5adb-b775-d86fae6f2b21", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34cf21de-172b-583b-bcfd-eaa34e3742e8", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aea7b30a-3fe9-520b-8283-363c9aa81e2d", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed21bd03-d2f4-5131-a9cf-30d449ab34e9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0727cfea-8c3d-5fd0-9a3b-42cdc205871e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cbfae91-567e-5ce0-8646-986590822457", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62ddebcb-6385-5f6f-bec4-647b5bd9820e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:238a93cb-5a3c-520e-bcf5-7fab0e54191e", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:452db9df-0d9c-5dff-a3df-fa330af09920", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4b5069e-44b4-576f-9894-07654ef19509", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a07f96fe-0961-5458-9266-cf9d65c0c0f2", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0de6090f-0c86-56f3-8eba-57b837a5965c", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea2ab753-7065-5860-b683-60f63d4e0241", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c57a425-46c7-5820-aa87-ba87d6244819", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:977aa185-0aed-5d71-a526-7214a5b2f947", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85a7be2c-60c5-5dbb-ab46-f5042f68db34", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:942eabe2-0629-5c8f-bd5a-a7fd1d43757c", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-web 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b170bf64-0ef9-5a14-8e3d-170bd4ac28fa", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb78312d-5588-5c31-b384-3887639ceba5", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d195fbd2-c907-5e5d-9918-3b8044085c54", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11a39600-500b-5ba5-bcfb-0cd6ce7b6e88", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3dfaa5d-b5fb-5dac-9e7d-c7988d964c4c", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ac7103c-1b79-50c9-86f1-2d0ce38b8047", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f32eddf-4540-5c1a-b3ab-1fe324ca23ef", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a534f42-b968-5cab-9f7c-fbf3e01e6c36", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.1.5.RELEASE-tuxcare.1" } ] }