{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fdb6e37d-94a2-537b-8f78-a21a783ccffa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4de4650d-43d8-56dd-8866-9eb3f8ea331e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3003a74a-8d87-5622-aee6-69560a2de91b", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2201ee33-e1c1-5c30-b0b6-eba9fc82164f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ca9cece-ecc1-5e32-9d0f-643f5db001f2", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:523658a3-770f-5968-95d5-2eeef97b67b7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e6dca6b-1a0d-58b3-8f4c-378212562747", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74b8da7d-d2b7-5e7c-aca2-9e0d9c2b39d2", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57757fc8-c88a-55b8-820c-252f56fda592", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2ef8841-686b-53aa-ab21-4da3c00329e5", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22276c82-68f5-5ad0-8ad2-e467e47df024", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b326584e-6f67-5e5d-a046-753854fc35fc", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ecb6343-ffb2-5537-a5b6-f7b783fe9519", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8edb5cf5-200d-57a5-bde2-99fa6e8aada7", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa631ac5-25a5-59f4-9380-099f638630e4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddd2e678-f61a-54c6-bf0d-9396d8e765ea", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a7353da-da24-5e42-8d8d-a3948e8e11ed", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:021037ce-6f81-53c4-8997-b458e26c18c0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce1c7094-a026-5867-98f0-5ec92a4bd4da", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd536810-a268-5a86-ac13-5e54751362a9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:871e539f-dc62-572a-8403-c6311752fc05", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a9128af-cb86-5594-81ac-03283cde629e", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c46a660-38ef-5924-b83e-eb52971e60a4", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de2cf482-e473-510b-9060-c29be5973b5e", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eab04e8b-a2a0-5bbf-b273-86ed6b5523e3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:512d90f4-c10f-5523-aa43-d5d9574aa908", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.1" } ] }