{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:57ea197d-37cf-58e3-a933-70fe172b52ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2ef18134-afe3-52d3-9f30-44de8b58bbba", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90a5b402-e9a0-5a2d-b04e-a8d2bf1c07b9", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fe15ef7-1232-578e-94ef-042f93ff1988", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1b5e4b4-4a53-5e0e-8bb2-99754c7bc664", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:511b594b-a2b8-5313-bda3-45cf483d30cf", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e5ef479-fb5f-5171-aa34-993a05c993d6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:353ee5e7-b1f1-5869-981f-7f081fa9ff50", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72e753b8-6c40-5445-b9ed-60a69a7e10ca", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47324b16-8ee7-59e3-a5dc-c5e203d16f17", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d04115e2-630c-5bf3-8400-efd898b2524f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26a94817-7500-5a84-a9e7-23769e89e7a6", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:106e04ba-7d7c-539a-9bee-152d4cbeda30", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac671142-74e3-5ef0-8a0c-307164a02356", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c470bf3f-0471-592b-a7fc-9f410f5a2ad2", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee93e209-17c1-50d9-be6f-f4bdc73adf4b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42e4312a-6b88-56b7-b7f4-4b9572ae0aa4", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a224356-6c53-5ffd-a0d7-20a614206662", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eef561bf-d5ea-5404-9abe-f3927d2de428", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61674467-baff-565d-9aef-16a845bc3c6e", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7524b594-d5ac-591d-8be6-f8367346bbb1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77948bb2-d91a-5d7a-88f7-af250218e330", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bcdbb63-bee4-579a-b328-ff2b442e4154", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ff7c13a-aaf4-5e0f-9b25-3031f75840c1", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.2.13.RELEASE-tuxcare.2" } ] }