{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fda9b092-5d51-59e5-9bc7-ddf46233949f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a2d20f10-5679-5a49-8def-50c6a4f2ab98", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf2abf50-884f-511a-aa2d-a64f1a956a3d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97c4e6ad-768a-5112-81ed-d019e68b2a85", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52ac0d29-c21e-50d7-953e-c99ee10784a8", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78b8b4a5-ca7a-5a23-81cc-4e9d7e3894d1", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06bae54a-4d45-5792-bc09-b19dc5ddf5a7", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1f146b1-8e83-5289-9a89-0f8225803672", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24b9b87f-aa4f-534a-ae9b-b284a8aee42c", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7872279-44c0-5558-b7a4-eed987f8aee9", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:664c7496-7e16-53f8-b774-4f1a5668976b", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f2e5f42-b3db-5233-8780-d0cbae8b5d2f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0bb71af-d27f-518d-8c6d-88d7f22d82c8", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:846f7a3d-9c0d-52d0-acb8-31558d0d8c81", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f923995-1b24-58d1-ad80-769f9c64096e", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c23c35d-2574-5412-af2d-b853bc73ceb1", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1327b1de-7da0-59e7-b14b-199990c170ec", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5b73ce0-d1bf-55f6-b2af-236d8f4f10a1", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98523508-1ad8-5427-8a10-e45ae138ebd4", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb8bcaa9-cf24-5092-b5be-a61d2af0d71e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55e76d00-a44c-59a3-8a38-fa15efaf3dbd", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57afb73a-1977-5a32-a1a6-b5171a54336a", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca98144c-adaf-5351-b78f-67e84c8895d9", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f1a9bed-6a20-569b-8fa3-dc45e6efaae6", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7dfa8dd-b56e-50c0-8da7-bf3ebe33d463", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0be28eec-830c-5cf0-b2ba-055d77a8cb70", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0cd2a74-e4e5-5cd3-9f95-0887c4819aff", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdc15212-7a52-5420-a854-02ee8094b678", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5b77e2a-705c-5b8d-b917-593fb2750e5f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c4ee3f2-d26b-5e84-a7c2-47a73d82eae2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.1.7.RELEASE-tuxcare.2" } ] }