{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5b7da6c4-154b-552e-913b-6b9665390b81", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30331aa5-7de9-530c-847e-a18f1e317c96", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caa5c5be-38c8-59d9-8263-a3eea6340b28", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3adf7da-8e24-5308-a818-9fca38ba0d21", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e7f705f-d140-5de2-a999-f7a5d1f7de1a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d43712c4-9f2e-5bb3-b477-9cb9685f8317", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13bc4502-9c68-51d2-9261-c5858e32302f", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7902f8b7-784c-5887-88d2-6e39d4319182", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2da796f1-7727-5bfb-b1c4-d7e385fdfe4f", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f611bde0-f499-5e44-8cdf-07c3d40f77f3", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a8122aa-190c-548b-8ac5-d020c82022b6", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c873b0d-2dd5-5feb-94b6-75e581e37107", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:432e8c44-6648-5f2e-8c61-0f3b896cf18d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3c76406-26c2-5f67-8885-e4ec636de564", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3eb0c4f-f967-5447-b643-5e9b28fc71d2", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4098465d-69c2-5838-8477-79ae3796c581", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf587f5b-155f-5fc7-914e-3c8ccd8c8131", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7d8d873-d953-5ad6-b50b-5d3973c4fe85", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:364f647e-0088-5a73-8cc0-372d05f92afd", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2c2892c-6e45-5b7f-b6f8-99195f107eed", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3115aa3f-c319-5bbf-9adf-7783fbedebf7", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95b7a965-9f57-56e6-9763-9f353e6c0dd7", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c3ebf70-9d35-571e-becf-4f049797bbe7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bbd55e7-ac0a-5512-9236-c3ddd928371e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bf191cc-dd31-59e5-81d6-c3f893497aa1", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db10e074-20cd-5060-833f-081009c6320a", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deb1a68f-f9db-58b6-a9ce-a6390515d599", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09857ac1-77d8-5ede-900b-6979adedde14", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57991767-7f2c-555e-89f6-58716542be2e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32b2fa4d-fecc-55dc-b42e-822942ca0508", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.1.7.RELEASE-tuxcare.2" } ] }