{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2dc7dd74-54fa-52d7-8d9e-bdf43f4d4ff7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.37-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:442f9e11-6137-597b-94aa-642ae0037530", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:159735c9-864f-5f38-b43d-a9b7dc0fa234", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bf7452b-dc3f-52ac-88d6-3cf5045f8b2f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c53e3d08-c8ba-5f90-8949-69d273cc3e2c", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9c6f118-f192-5c19-ba6d-c79f0325c32a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:24869809-2321-5857-a8b0-64ffeb88ead4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adf6a629-7b34-57bf-81fe-0fc0960e0933", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a97d7c1-0a93-59ad-931e-6576619a7bca", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f271af90-e538-5721-b410-147392b3e9f7", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d274fef-d6e4-5839-a47c-56c18b9e0781", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c25938d-74de-5abb-a43d-2c928dac50fc", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da75cb69-b36e-5d86-a61a-0d3c253920d3", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:83f7ba01-0f37-576f-a1a4-a70f8800e0c7", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:728b459f-3074-5fe2-bdb9-31cbfaf08896", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab1e0d45-d459-56cf-a043-9af99d0e8794", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab51b067-916b-58e7-bed2-06cc8a6a1f73", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.5 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.37-tuxcare.5" } ] }