{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9b4d5f4c-7781-5ed5-aaf4-3368864d30f9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.3.31-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:75c4a881-ce61-5892-8acc-da7c5d971c2c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04c6304f-b928-5970-a0e8-79727c71216f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:743f8284-6d49-5fd8-a787-e8efef7786a2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faa877f3-7999-5f33-a1b6-1931c879a4f8", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53e146d3-17b4-5739-b2ba-aa456c5e6524", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52cb50ed-8d54-50b0-9390-24ce5142cc12", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19058333-7cc2-57fc-9f3b-bf87f53817c7", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f14dedf2-ea5a-560c-8d02-b0c64e8ab543", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db3ba885-4d29-5963-bb88-7c99b6a4801a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb781274-bafb-5a62-932b-33f66069d9e7", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6281a84-d7af-5f3f-be0b-a1d748e89b9d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ef1be37-4b9e-5f9f-afa8-ab07118c004a", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-web 5.3.31-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b12b1e88-1c6f-5e0b-834f-0453976acdb1", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bf02fbb-52f3-5997-abb9-7ae59f9cf9eb", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22999afd-c2cb-5755-9518-1e052ff77daf", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da504e80-d852-5c59-9974-757dd113daa0", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7cf7a76-1196-513f-bc1a-9f4b079b1464", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.31-tuxcare.2" } ] }