{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e36f12a0-0fb9-5e13-bff6-01112640be3e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a912e0e-2651-52db-9b6f-b96af281fcea", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:234ee609-3995-5206-93c2-0f9404f88816", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f95df783-2e01-5a19-8acb-54c048209456", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e62b23c8-1c86-5cc6-8fb9-5c7afcc6e73c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2c69e07-f008-50f9-b229-5d4fdc509bf4", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fd1661b-fae5-572f-a39e-6063e2a9811e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14692658-c77d-551b-987b-83c400c8fdf7", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cc3d7d1-e444-5288-8781-31dfc4e8d59a", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ea0a68e-89a3-5f70-bad8-86ac66789633", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd513220-5406-5a07-9690-851b2472c7ea", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3b7cda3-f9ad-55b5-98b4-3d37e6b11006", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07755f1d-113a-5ac6-82d1-72292705961d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:add91764-6159-5650-98b9-c09d65ae9c13", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4878e6ff-90b5-5927-8883-e515e00885da", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52239650-2b3f-5e7b-a599-a9f46651bc37", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:484a0afb-86bc-5a5b-b84c-0d318288fa3a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b5e5853-4023-5fc2-b5ce-c35b9edfd88a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cde0143-e616-5c57-9603-34583589892c", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d5c6f4f-777f-5c6b-8302-a967f730b187", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b78002d3-47cd-59d4-893c-fcdc53bc1ff3", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b76b2275-8044-596a-be03-2a2476b9a136", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8df7fad-9f75-5c9d-b441-644c1267f4ea", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webflux 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d10646ae-b846-5e32-93bb-80d4f9a5849c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06b96746-19b6-58d8-addf-7f5e8c40b2f9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b3f9d68-8d46-56c4-a201-ca12a115ef13", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff4d753e-f6db-5637-863e-9113bb07d2aa", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2cbc34b-e8af-5a0d-806f-0be19c177876", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.3.7-tuxcare.2" } ] }