{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ad2df07d-3210-58de-9d5a-d66b10ad0642", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f2a52a94-705a-5f96-b245-cfffbc368932", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4e6922-5802-59dc-b94a-8dec459e0180", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fec5c38-e176-57b1-8948-39b86f15c267", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2dfece3-c153-57ac-9e96-d97e69ddcf20", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73c32e04-7797-5b5c-9eb2-14838b0f7a87", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a40c4cea-ec9e-5404-9b1f-2214abaf4b22", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69c2549b-4ce5-5ea8-853d-20bf7603c765", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aca5be7a-7fe6-51bb-95e7-6d1fd9862d63", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdc9e9e5-8d9a-5513-bb71-6680c5fb058c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5af7a199-056a-55c2-bbb3-384e6a25af15", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1155b4da-3a18-571e-b86e-7542514e3cdc", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:347ea518-9ec3-5bfd-bcc5-a7d1ed0745b1", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49a74132-fd39-5c81-9f19-62b5e7fde1e6", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce03152c-042d-54c3-84b1-b47d513c87c0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e414730-e814-5c25-a484-e86f4e255d25", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e774680-84e5-54f6-9d33-86b57fe2e54e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a040123-8433-5a70-bdda-31a6a802512c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa79f761-8c83-5610-8aa6-0f97a9e5b3ba", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b19c0b2-2375-595e-be5a-32cf6f886be2", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8c823e6-11b6-5a7e-9248-65895a1f71ed", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:863017eb-4381-56e1-ba6e-4d1f7cbfabd5", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:798c7d7a-524e-5230-abe1-65b7fb735ce2", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c56d8b3-7f45-5bd1-803a-3f07addef89f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.1" } ] }