{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee94e539-77d3-50dd-9a4f-f59b44373fe3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8805cf07-210b-568c-b6d9-a1da28476b14", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25116190-7b8c-5e10-b520-6a01a7f65bbc", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:755827cc-fb6a-5003-98a8-b8e61ce4c6b4", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1347312d-8469-5cee-830d-148f4804ca0a", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc33913f-6b99-514a-9fe3-256c6e65d534", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9cda671-80fa-5ad7-afc5-377586409536", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b048ed79-0631-5d02-b36d-a3995d8bca55", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1eaad76c-3cfb-51c0-ab25-b989cd6206e3", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2ebcead-2ae7-531c-b926-43870f0bfe7b", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8617dc6-d78b-5425-8d26-40d6014e5308", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e617baa-1807-5e2e-a97c-3c6731a5481a", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a0a0086-b97b-53a2-a04f-02af023e3589", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c95ecded-ba87-569d-b78d-b2ba200c446e", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8411b17b-bb0a-5810-b704-5f8b794b257b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97aca4bf-bfca-560d-94f2-850e2fb37b52", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d191120f-7f74-5602-8a1b-9cafa5180618", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d06cd067-f3d0-5e5e-b80c-a90402778992", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e480b0b-d2b0-5d4f-a3d0-d523aef57861", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79bc64ee-3601-5aca-a66e-c1485cf59b1e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6fd60e2-0fb3-5ef2-b16a-d06bc333f3c8", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f78005c5-0679-5884-b64d-3eb8480f5c6b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ab95a2f-1363-57a5-9a8d-b0a1f8eee28f", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webflux 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2db4caa-b83e-5e8f-8230-fd8c0117ab12", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0bf90a8-70cd-5b01-9d51-5fdd1d624567", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0d6e35a-681c-5fd0-92d5-63cfb9db49e8", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5264ab75-3458-5e58-93f4-70b5d9fd5aa1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76540446-4701-5867-bd5e-f5db4cf1c650", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.1" } ] }