{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d158339b-23a6-59be-8362-318fe624d715", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.37-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0070c353-99a5-53c2-b7e0-de69e5b198f9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f1208a3-aa98-5e47-ae6a-0d9438a9e882", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddfdd573-26de-51e5-ab37-6bbb4579c5a8", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1f1b8ff-3ec5-56f5-9121-bea9a5cc426a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d3580c2-0a33-5faf-aa29-eb7c868724e4", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:765e642f-08da-57e2-813b-1e93374c22b6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fe89895-c385-56c5-bb9f-f77febef40f7", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06cb8b9c-4531-59df-9c88-4aea3e55f569", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28b72ee1-a868-58bc-a681-984116dcbde2", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6856ac0-a740-5380-80fd-f502cffc29e2", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac2c9b75-5b5a-5657-9cda-48f57cb15374", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bbf5ff2-d4d5-5adb-966d-9f1ee7288b19", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ab72175-cb7e-5b22-8624-5b136436cb42", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.2" } ] }