{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1a0a8fea-9a98-5bcd-8772-87681e4b4062", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:19cec658-b82b-5381-a029-2e211ae21b30", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a64f8d2e-b827-533f-b24b-7d46c7c46bd8", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea592874-782e-53af-970b-960692ed3d37", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f2449a7-8e10-5f6f-8339-308ca5d8d0bf", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe54e771-7004-5259-8753-cea77b19eda4", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31da9d26-2fdb-5bb4-aa7c-f0783b7a07c9", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8cbf654-f629-5ac3-8543-70f7b7bc6003", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1365b0b3-436f-5194-aafb-2637cf95c2f2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a043dba-2811-5d2f-883e-15a36e2dc79c", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d523d245-7da3-576d-a688-07abc19ed50c", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a97dbdf-e1e9-55a7-9bc0-22c8be83d03a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91d12a02-b153-525f-b6e6-54a3b4ae53d9", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:612f44d9-96eb-5742-8f83-fdcb915104ba", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc-portlet 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ddd3286-0bc0-5adf-99ab-1fcdb53fa60a", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd6f03dc-acbb-5806-9de7-dbbb93274198", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef6e6ed7-3d37-5d4e-96c4-1cd871824174", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1def9696-6979-51a2-8cf5-61997a9ab7cc", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e15cb18-6eda-5521-aa72-2d090c09a6a3", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:508dbeb7-0780-5c12-822d-097578eda225", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d70e3fb-0412-5c0e-b288-5bc8d605d221", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25bd4a7f-1974-5ce2-a103-297bf8e53780", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b61d6faa-9d29-55cd-a471-051fa57995b0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4691e6-fc89-5ad6-ba2c-d856144d97f7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de40e752-9986-52b9-8ae9-a5e5baadf8e5", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04fae1c7-1b4e-5d29-bf77-f91b48f48757", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5cc63ea-1bb8-516f-bf05-d9908368f27c", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93e83671-6275-5b94-9660-8e133c1959a0", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d68a2f-a4b6-5eef-8df1-157f002bf7b3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f48f895-f64a-5239-aa50-19e6b89bfb75", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:536e9934-dfca-53d8-8c98-5f312b60db82", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a11db88b-980a-516b-99b3-93aa17b91d83", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c398b93-0917-5dd7-9652-32b0dc558f07", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de95be36-3330-5172-a1b8-cc268c1688e1", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f6a0c79-a070-5260-8423-881000b03226", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96e8ced3-2e58-5910-a5a8-1d9ed56fa5e0", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6bcdaaf-8641-592b-bfbf-9f19dbb62c05", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7136af0e-1727-587f-a740-b69db04dfb25", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c13c63d-cfa1-5fbf-8db9-819ff2adf1e2", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66980c40-df6c-53b2-bd31-6c949c1fb2d0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a0c80e6-4a1d-5f27-9395-5e582ad8338c", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.1" } ] }