{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:16c7f8b5-dc09-5c5c-9d79-aaccc53286e1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0bf0d0da-7c93-596b-b36e-1c46ac418c59", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b306630c-30c2-5097-a919-f0b9611073af", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9b7c119-4811-561d-ba06-5139789177cd", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9a8e753-6c1c-5475-85d2-3f1ad3251e2a", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:458c953d-332c-50ab-aac4-c0abdecdea33", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4efd4424-7bec-5d72-a87a-28ca94f0501a", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c044b253-fc3e-56b1-bb49-a6fd7cebe2bb", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74dfed11-7ff9-5a34-b2a6-b564a7e72abc", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b6c3278-62a4-55ed-b043-399f7fcf9989", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8167f68-f85a-50cd-ae8b-6874365330c4", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b6473e7-b7a1-5bcb-aea0-98974589e8d4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69553458-400a-5fb2-8380-74b237dbcb1d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f877364-93d0-527c-b3f0-7dba77df385f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbe32520-89fc-5048-86d4-107b8635a2a0", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7663f2a-2727-5ad8-bbfe-469320f74fd4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f1829bb-3853-51a8-a685-644112868a89", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc74cf20-b4da-55b0-ac27-9f7d542bf6c5", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d699ce4-887a-5483-9509-2e112f435379", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0222e562-c0c3-5577-9d6d-2d63c53d2450", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e1bb34c-fb87-538d-b337-a3af238b30b6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:253d7985-eb56-5d94-be48-5b3218db403f", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13ae5564-7b52-578c-8abd-44b5d451404d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89bcb9a5-7eb5-5faf-8b33-d2edcab29bdf", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cc0a217-d6d4-5f26-85b7-8509b639be97", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f871c47-09c9-5521-b6a9-b22da2276deb", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.3.30.RELEASE-tuxcare.2" } ] }