{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a4ca3c1e-6928-5333-8353-38a29f242c9b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.31-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:749eced3-584f-5a30-91a9-7da9e9ca84ae", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d3a4f61-e4b5-5d11-bb9c-41594808810d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c880f913-c466-5e02-be75-46c930b4f47c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02d4ee15-bec1-5c12-92f1-777c771dcbfa", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c9bdd9f-90b0-5ad1-b318-063e7fca4287", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a55e80fa-171a-508e-bfa2-aa6f7958bd5b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb1c1862-83bc-5f25-8c06-c4e3680eb007", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0d5112e-055b-5c8d-9f44-e877ee788bde", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:873c02af-3c55-51cb-95ad-6010f4835d21", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3989a364-09a4-5efd-9d47-b87b50963bfb", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8645547c-6876-5877-b1f1-d73aabd6491e", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:225738c1-08c9-530d-940a-8b188260f8ba", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webmvc 5.3.31-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5180eff7-2e21-500e-982c-f957887549b4", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23b306c2-c5ec-5a46-9d24-9e2f42120e58", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b22b4ca-26be-5aeb-b3ba-e84a0fb43bc2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2242fbee-a3f5-5e01-a00a-6b1483331f3c", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:205cb205-ce69-523b-bd3c-7baf3720abd6", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04ae2a7c-cb2a-5cc9-be7d-93dffc44cdde", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29c11eee-a378-5315-b046-ddf26402561f", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cbd438e-01df-5b85-a4d1-2bd29a95e931", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.31-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.31-tuxcare.3" } ] }