{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7585a11a-7e96-5e9c-aa1c-bac21f2143b7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:80ed21ea-6fcf-5d00-9b32-623de6b8b7b9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c22908b4-3e57-5a1a-9004-9f70c10bf4e4", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53119c3f-c76d-5646-b850-8118d1396cf8", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a38064d-6d4b-5228-b4ec-b5d735bb5835", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ba72cd7-c18d-560c-8b72-5147b18d8a66", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:088d3045-929a-55aa-9eeb-61f1bfdef82f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faf17ef4-5458-5120-b085-da29fcf93e60", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:987dbdbf-4494-5c13-bdef-799a809f18a7", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17d40071-9fc7-5c45-97b0-7ef7ee7d88ea", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:277f837d-b561-58d9-be8a-0b35cb9c453e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76fea394-4d21-5075-8829-6c04f7cc93f1", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d12d806-e6f4-5879-be1e-587c4ac56111", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc09aeeb-f455-5a51-a91d-833fbce571aa", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7281af0c-286f-5cfc-b49f-c79edfaf0243", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfebd892-b445-5e35-9d35-bd589c69aa1d", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7baffd5b-1c0d-5a61-8866-0b645dcdb2f5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4764dcf-15b2-5436-9c44-3355de377a1d", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b90e5304-e11f-567b-8601-f443c964ebc6", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:727a40d1-5774-5125-9520-d5f6b6125a90", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08a2a803-9e4a-557b-80b2-70ec064c532d", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b58512d0-4305-559e-ab17-c051fe45557b", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fc8374f-3147-5ee1-ad7c-345d476dfa27", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd6726d7-5971-5c8d-a0e3-fa9e420fa2f2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.13.RELEASE-tuxcare.2" } ] }