{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f393a0bc-48ad-5742-9198-cfe79e4d347b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d2432f02-989e-5478-822a-c5718e954eea", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:704abb55-b54f-5dee-88a3-d7741a36d79b", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b44a70c9-1660-5392-9e11-104f814b9994", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b63a1811-3ed4-5f0b-b985-5e299472eff6", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22d50e11-0fb4-546a-bfbf-3e4f269a5c97", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c2415ba-a48d-578f-bc2b-1b1fb8d04e26", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e04ae9c-47a5-5113-b6d9-026818bc7757", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c45dd903-e9e1-50eb-b55d-2d07c3b80739", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbb6b170-98fe-5e1a-a236-1fbbe95db02b", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfc39c38-3508-5cc1-ba0d-766b336c202f", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858c088e-c653-5d4d-8fa5-19624fd03acc", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e783073b-a7f6-5e60-bb1a-4578cad9a857", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63012b99-ab09-5fe3-9e26-3d45955f57be", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44ee3a26-b610-5bc6-9e15-d2e7617cec94", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:346c8678-4f8f-5f8d-812b-636ff4d03caa", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f215dd3a-344c-548d-be8c-d84eec7b419e", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2b3a186-d8a4-57ec-bcb0-3b8abd716b06", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f883463a-d80a-59db-bc45-19e7765db65f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d012d6d8-622c-51a4-989f-c961942c0da8", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41252c91-2624-5d07-b11c-e55e2a623f4b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47c9242a-a42e-5382-b5ac-a90d0777415f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd1507b3-9b1c-56d3-b038-66bfb500f923", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:304bf1f5-82c8-50b8-887b-a272abc790a4", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17e19410-0020-52e3-8d63-84f6e46ca6aa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1949f808-195c-55cf-a313-63edee7bc32b", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37df3d2e-c382-5a88-ad5a-fb4d79690ac5", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:741fc1e9-5617-58fb-8df9-73dffd8411ee", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ff90717-8aa2-5724-a274-89c5fedf4c2d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1a71cc6-a44c-56f6-aee1-a72810689e3f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a80bfd5-1032-56ca-a9df-42e1a3bf156e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84c8ac4d-70a4-56ce-a0da-6d56cca3cbaa", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a2703e4-be1c-5ed7-a312-5c243000c836", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:399b0292-bd07-5757-9b47-3846d62a8022", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9250d5d-e18c-5e5c-bbe5-6dc75379b521", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dee3ac39-195f-546d-bf84-a467a0cd11d4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfd657f3-c0b3-5c62-aa74-21a345982223", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce2a4b46-18f5-5560-833c-5dacdef26fe6", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a252a256-cb0b-5e1e-ae94-0796116f7eb0", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18123522-29af-5bdd-bed6-d5cb62a95655", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4cec97b-1dd4-589a-a176-2c71b493bdfb", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.1" } ] }