{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b31a4a83-8253-524c-bb88-03c320bef17c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:13eafa61-ea11-5a88-b67c-effed708ac40", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e54775a-3ec8-58ae-b2fa-92ce0c19b48e", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9c3eddb-3e20-5eb1-9ad7-cc9958976dc0", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bd6add6-e332-53a2-84a0-ab42955131cf", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb8d39b-543e-5d1a-9d80-b63d1f92e0ee", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d68a732b-91bd-5d47-8dd5-c967ad86a539", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7811a4bf-3bd6-5116-aec9-faf2f64644d4", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4597f2f1-3dcf-516b-b2a9-af030406c6c8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6105f740-94df-5a0f-af24-f51b5f185333", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c0c6a6d-3771-57ab-8c24-804d79e2a191", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61a6f035-ac6e-5578-9c8a-1e0af5cd8608", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d296a7b1-7ce0-5756-904d-e2964085574e", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de97f06a-10e1-5cd3-bbbe-668988233ac8", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-webmvc 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29a12d10-6457-52b9-aa8d-c1e02c35467d", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d530bf6-5711-51da-8a73-cab1ef4d1f73", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53b8c085-98b6-545f-ae16-d614b6e1e9d0", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe40b4e7-d9a9-5aad-8593-82255ff6283d", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:409bad63-ebb5-5cd2-9b21-a039f75658e1", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:051c0b77-6351-5155-af81-6766a24db66c", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c73dc0b-11ba-585b-8ba5-3dd68e8b469d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:515b4191-4e6a-561f-807e-60b9d4465596", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b98e08b6-62ad-5bcb-a263-083c397f9545", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b63676f6-379a-5f86-ba7b-46831201cbc5", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d2e26cd-80f4-53b9-b55d-f896b986dfed", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be3428c9-2efc-5991-8511-3504603001ce", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64130d67-ae7e-5d79-ad20-8d1c17858d32", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:173fa6f2-977e-5e01-94c0-695ec0f091e4", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63af6c71-8ef2-51fa-b23b-8920d9213f77", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d10bbe2-601c-5836-95c0-98d6af8038bc", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6badccfa-beba-5347-962a-da52851750f9", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:195955fd-8ba5-544e-a459-5f27db46d9d4", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a9f2f4a-eb8e-5525-bb41-5d21217e199c", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca886cd7-4304-513a-bf52-d92ef9b92df3", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb71643e-8ebc-532c-bcd0-b82f99fc4a9e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6def61e0-19ae-5c8c-a2cd-f5ff7b5a20ae", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e38e903e-9360-58b7-97b2-bf2e787c33f5", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23a6bcf9-69c3-5d95-a557-e3dfb33b5e44", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ab66b15-30a6-5ad8-94f9-1727c7f4c6ae", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6b2968f-d6f8-5279-a4cd-4e4573061e77", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45b03ae4-ede0-544d-9af7-92190a526690", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.0.0.RELEASE-tuxcare.2" } ] }