{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78982e46-32db-5bbc-b2c0-373dc03c3140", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.37-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f52cf060-67e2-50f3-8e8d-a6bc97b13be5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7b63db8-e614-5e1f-b08d-45ead519d935", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f6853f5-8aa9-55df-aa27-5beca7f99093", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72dc6c5d-3fdf-55fd-9107-6253052591f9", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:097e36d7-cbfa-5888-8b28-de5cd3f71a94", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad1bc42a-adc7-5ccf-bd11-1ff1ac3edabc", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8442894b-b690-5f7c-81f9-6d1e8a4b5b44", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cd4dc02-b590-56aa-a106-68aae1cceb87", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf8358c4-3b88-59d9-8e80-50997853a093", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3131fa3a-3e3d-5ef8-9fe2-b336092459fb", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e314e41-f077-5dda-8fa3-5b47dba44ed0", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c05199c9-502e-503a-bbc2-ccc258822489", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23b60023-9692-5c43-8e2f-7fd7886affe9", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.1" } ] }