{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3410278-41ab-5ed7-a507-1598ecabd31b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "6.0.23-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:26038078-ee66-5dba-b3dc-1c4b96474a19", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9cf1c19-8984-54b0-ad14-ea9244424126", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe02c380-22b4-517c-b7cc-35f8886b6b61", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45fbd2c0-45d9-5c9f-aa03-dd84746c9479", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05ce7dc3-913f-57a9-978a-88f948aecce7", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9cea7d3-a59e-5e4e-9450-5dcc3e1345f7", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:239e6f33-4dce-5b5c-b02f-c9ebb4b5a522", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d10ce88-9dee-5f1d-9595-84f975baea96", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db68efc7-06c8-56f7-aace-3cf5279721f1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0722125-15be-5d9e-8137-f0a443ba7612", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.0.23-tuxcare.1" } ] }