{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e1830ad3-b5a0-58e1-8524-451b5d103149", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a3be14cc-3344-54ed-acbb-f626ba0d85d4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdc1d9d2-8395-574e-b0e7-1979b62bc462", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccaaf111-3927-526e-abdc-b6e274f5b170", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1981c34-f148-5120-a43a-e4a7a6f39df8", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:495c321d-9ea2-5a3c-9658-40ffe9e42725", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17447147-7163-5146-ba05-813d96f28ab4", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd741331-16fe-5881-b7cc-ed9579999fff", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0298e8ee-9a8c-5bee-87c4-23f9f6522923", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b03304c7-0ec5-50d3-80d4-6465b6d47aa0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aff8c2d0-a9d3-5252-b065-d91ecc7fb577", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b9e476c-71bb-5f90-9628-040c36f9812e", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90926127-8739-5f80-97ac-10faaefe1d39", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a270897-b18c-5369-9891-bcab3c4b0b67", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bad5d24a-6f99-5765-a7f8-0ba18ea801b3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c860937-d31f-5e86-bfb6-4d7833ac19d4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2a8df3e-a1a8-5aa9-857b-b1b7c012c169", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37dc087b-884e-514c-bf61-bdda42c27f70", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e06b8b0-566b-5353-844c-e45ee45af90a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f712c9dd-4c25-5519-a0c7-193e7e5775cc", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7468cf40-534e-5a1c-bf50-e10fea58a147", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b12662c-dc04-5a82-bb75-0f06bdb6027d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13aa8dd2-02ed-532e-93fe-f44ff151a83d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc6850b7-8f42-54ab-918c-420c38d7d9e1", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95b91b9e-1f04-58c9-b0e2-68bc92a753e4", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8c35cc2-35f3-5ac7-baae-d930fb4c2e2f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.3" } ] }