{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:32c46854-45bd-5b60-a5da-35f67e07713d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:52beae51-663b-5979-8c08-9157fe8e5603", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19c7fb8f-0836-573f-bdb8-97a2418df0fc", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1be502fa-5444-5a38-a806-04eea0b1f2a7", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cebdec33-cad0-5377-bf12-54c35b8f5322", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09bc9a52-92b5-5a37-bc19-b0ef9924fa94", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbe167de-1179-5db5-95f6-5bb3f7996247", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ad40290-f4b0-58d8-a0a1-448b0b3d68b2", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e395ef6-9776-53e0-8319-3b034442db33", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd095528-5123-5e74-90b1-a6823bb0925b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bdebf5c-b1e0-5837-b125-d7608275047e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25ac06f5-07bc-5e96-aa4d-5a390218fe47", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26e9cc6b-2a9b-5704-a611-f0665dd38481", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c76446a9-ef82-51c4-966c-ad3450f35722", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40fecab3-d37a-5a05-8b3e-9f996b5f0a9a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eda156db-9636-5520-a6d7-718b6583802d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f44fb88-7ea7-54cf-a741-6d0018785659", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db964d04-d097-53bc-adb2-319e4fea7a0c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35ed2917-efd1-57a7-aa73-d5d7a9c99112", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3274442-9c77-5e0f-88b0-ff4657c63b73", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a6396dc-63bb-53a2-8246-53eeac48ab35", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:337ee8bd-7cd8-5aeb-94a9-a52471020205", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2512e34-1ee7-56b8-8560-164f136d37a2", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:189dce8d-8eb1-57e1-87cb-e942c802d2df", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1773e63a-9d3f-5a85-ac06-6b3ab43ee5ff", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0625e28-5c14-55e0-bd4b-cbe112becf6f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.3" } ] }