{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7f4060d-c0be-51bb-9211-243c288ee78e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c559fbb-7015-56f6-b906-8a0599d3e3bf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82e89062-59c8-5c24-886d-a649b2087810", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdb8c9b4-0f29-56a8-b094-6ce6fe2e7019", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5892d53-0c85-5bac-b9d2-fb384db85e65", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:963648d8-7ef6-5ec0-82c9-540bdf6285c5", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99317b93-7356-56d1-95ee-64f1060ed5f9", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67d75556-862b-55b1-9fcc-6564c642e773", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66b0555d-97b0-59dc-b244-9ae6915addba", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5bed854-d7b6-5e6b-a84f-95a1aa00cbc7", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0df4e24-8ab3-5c04-9fb9-555de7fdbf28", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:580e66ba-9f36-5c7f-8967-d5193b28e3af", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be522116-d631-5dc9-b915-6f6cc8fe3bdd", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:188781fe-6d97-5b21-b020-78454be1ff1b", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b6520c2-9e69-5763-9fff-461c96be940b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbeb1a10-6b98-5934-be19-e1c4fd086182", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97293d64-889f-5a0c-8918-952e6f6ba914", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5b65322-49fd-5466-bea1-7123592e403c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49990e24-fb78-56c6-a658-5531fac8d7d4", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e54832c-675e-5756-aa96-477ff7fc2011", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68c433ae-db74-5e4a-8100-b680d8242678", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57d049ef-0a00-5268-8c42-f409176a64c7", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba6d94f0-8b9a-5e3c-a02d-ff171d7df81a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:118f708c-afa0-502e-803f-fb97536138d5", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.1" } ] }