{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40f1cb13-dfa0-5b9d-ac18-78a4d5df7abd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9821f2b1-1aa1-53a4-9f5f-76644a8f08c3", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c688de06-5490-5a8d-9a3e-3e5266bfd769", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b18715e-edbf-512c-a5f2-398305452444", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf9ec7e5-fc19-5792-b4b5-9cd81bd12378", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da18ccab-3280-52d4-9683-f54a9eb0b331", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b63fc6d3-c994-585e-bf81-ca31014935df", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81788490-9d53-593d-8a5f-44970dea217d", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d8b5344-9b4d-50ea-bdfb-400fa8c26365", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2bdd2a1-d188-51a2-80f2-268c4491e59c", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e33b3cf5-373d-512a-b274-7ed674c7062f", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e44edb93-f9f5-583a-b202-55147ba043b1", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8f72bac-1efc-50a4-9fe6-83550d6d834d", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f654e99-f587-5809-a64f-ca3f2f863877", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc-portlet 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adb2bbcd-6715-50b2-917f-1141aca353f3", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bb91933-4b11-5456-a6a6-6b04f3a9a83f", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13476e6b-4bcc-5c2e-835c-d1c0d12bad38", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d837f430-cb6f-5972-9106-63ab88d25fc0", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbc5eb1d-66d9-5d31-a90a-a586bc26d859", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fdf25ef-fedf-529d-bd7c-f0fc86d34e4e", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31200adc-9f94-595e-9dfa-a5040072f926", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00e115f4-e15b-5c11-a912-43bd55026136", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69440437-a9d1-57cf-9d01-086165da6a98", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b53da96-84fc-5ee0-a79b-ec0fcbb3dfa6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d23635d8-e526-5444-a954-ab4c56e08417", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33bd9909-53cd-50e8-9721-e4818a07fb5a", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cca34baa-24c2-5348-95b8-508230678b01", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce53fac4-e5ef-5c26-ab47-d44c00f6885c", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d701b8c-5dee-5228-ac37-8b8e9ddaf206", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fd307fa-a69c-574c-ab57-e216bd69b79c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca88e8b0-9118-5e62-a34a-cc57bf97dcc3", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f0faa7b-c49d-59f2-a4ae-7c1889ebc1b5", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b063dc4-bccb-5138-8e28-fd5941eb9c7c", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b619bf93-1b42-5538-8c7c-363b356ea2ab", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92642c3a-3f27-547c-a77b-243d00f2f981", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60a53588-cd0f-5cd4-9643-414641954da1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e6b4260-2314-58e7-bef7-89401d868cf5", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cf97ebe-5e54-5df7-8162-e8efe580fb89", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c154da6-a7f5-5fe7-8181-f8decd3cfd44", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:171b004d-77a0-5acb-80e6-7d9055d13cbd", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0c3fed4-320b-5032-b2ba-74771640e24b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.0.0.RELEASE-tuxcare.2" } ] }