{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:27312b5d-f751-5372-8a8c-32f4959d4aeb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.2.13.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba4aa0b5-ee23-5e54-85c9-a7494989a415", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eda16b35-3cd6-56ca-bcc2-90aadfd4c743", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22552fe7-94d6-527d-8847-f61eebebd29b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b95c16e-b232-5bdb-b77a-173de90efe55", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6019102-2130-579f-8490-0bf8fc4f2383", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54b230f3-003e-5027-8055-188e71a6779b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a205ef14-6ca1-5b06-adc7-6afd922f1cd0", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18f2d52a-0138-5362-b9f6-42fe3fd5b9a2", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a76ed19-2538-5a18-bade-9de630da367c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28b80ba9-8db6-5630-b775-2702fd983b24", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0162334d-9ed6-579e-a214-83b1fb5c1274", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e7bfc37-20d1-5e35-b147-e617ec7bd158", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7812fb6-6b95-5b86-a4e9-5758387b3b9a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62423a33-3c79-5724-a8f2-43d8a8c2e03d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04dff8d3-6ef9-5eba-afdd-9d76abb92aea", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e3caa2e-0d73-5dac-8020-ec2e3a1959ed", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8fe2618-a962-5dde-a00e-d2cf151975a8", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d92af73-33f9-5192-b189-432150cfe968", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c41b634a-5dd8-560f-bcba-7d0df429c964", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7f876a8-e735-5820-b37a-3470be59bb45", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39a57010-7009-5fa3-9c9e-bbdf6b13d896", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e8d74b2-a6bf-5741-8215-69ee22a8d3fb", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce42493f-8107-57da-abf0-7791b0060a7f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.13.RELEASE-tuxcare.3" } ] }