{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2e4d10c2-0ce1-55aa-889e-848f109e14ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b7410fd9-0b35-5438-9a58-4c5b0bec0c5e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e480f1a5-3e41-5d51-b6ba-db2453e591e6", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11960c5d-602c-5dce-ac85-45d3640116d9", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f19f661-d0ac-57aa-8f10-f668956dce6b", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16661cf6-dff6-534e-a3a4-ab4dd06ca23f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb1a1f2f-7818-5ac5-880a-c910cf5b8ada", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19dcc694-50d1-58a7-abf6-997163dae202", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa481944-684e-588b-b86d-c1fa3a9731d3", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31a99f5a-c0dd-50f0-8200-3943eb843e8e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35c575f8-7030-5f6b-84f1-f905a3504d54", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d851b6d-09d4-563f-b6dd-00fed343e7ef", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed162b75-53dc-5ba1-a407-075adee30122", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0606aa21-7233-5ec6-b715-65765c7394b0", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cab809e3-858d-511e-8035-00f783eed329", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04490bbd-c015-56cd-b54e-df5067089f4e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9518f062-f37b-566c-ae5f-ec8cbf6d0c6c", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f348917d-19cd-546d-93c2-73684957b5eb", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccc450fb-9e68-5de7-8c50-652542a8456f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69d59419-8b60-5a69-b7fc-23a467677a60", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:594fd67d-e519-5a9d-a72b-2191b4d50b78", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90ea6a45-9010-5711-8093-d0d763de7683", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8fa111e-b27b-5510-aecc-112a2207b9d1", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:695b7048-5dbe-5a79-ba5f-9e2efb896284", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c81e794-f602-5057-8b67-d86212aa7018", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:427bd3aa-67e3-5b39-b1e9-d9970ffc46a6", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.3.30.RELEASE-tuxcare.2" } ] }