{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:98d37289-041c-5794-a575-cfadd1794b93", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.3.31-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1224ad93-3715-5a57-b2a3-63c7aae207a9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6f69971-d35c-5da6-9d2d-29dbc1713107", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f61b196-8110-56fd-bde8-becda7714c35", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9203456b-85c1-58a3-af94-1835dfc0a6b0", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb805646-4bcc-523f-b53c-8fd021c6a315", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09f7d68e-13ac-5602-b908-636050d8f6fa", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8883f92-5e4f-555d-9a59-0a618c785ab3", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2473064-234d-55aa-899b-f84c499deece", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b87a97d-0f6d-54ae-b0bf-ec47b4fadfc8", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:428fabe9-27e3-5622-897c-100e4110c108", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1455206-7ed5-5bce-9c54-963a823c27ce", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ace0959e-0092-5788-bd7d-292998bb17ae", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-web 5.3.31-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a706ab3f-82f0-57ee-aad1-fe36aa4b135b", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b81f2e2d-31d4-59c6-ac67-e8fae9cba870", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:175a78e2-e17a-537b-9358-74e1dd1230e6", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de58a9a6-2bcf-5a03-9a93-3bf88b69846b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7701d9c5-a0f2-564e-ad4a-cc574de068bf", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.1" } ] }