{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b27b6ba8-e087-5cdd-b7d5-77488a4bdbfa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.39-tuxcare.11", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:978a32ce-a737-52b1-8518-e887cfc167b0", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:0e4b25c4-0858-5aaf-bbf5-69eec0a01594", "id": "CVE-2022-22968", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2022-22968 does not affect version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc. Spring version 5.3.39 is not affected to CVE-2022-22968 as fix has been already already backported by the original developers" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:80a6869e-948e-5bd4-821a-fe35d95869a9", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:02c22954-635d-539d-94e7-ff2571a081f4", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:50375755-e40f-5809-9c59-96ea4d287078", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:19bb8eb6-4eb7-5bad-97f6-195326e72f07", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:66feea3f-1a29-5944-8ee1-27ca63507571", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:9099ae42-284b-58db-bc59-00ae39d9366e", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webmvc 5.3.39-tuxcare.11." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:b8edeb27-6ec6-53aa-90fa-6b767bd3df0d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:02ccc61c-c875-53c6-a903-b2c648c3f1c2", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:25cd07b2-5ded-52cc-8522-9ea2c3ea12b2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:45eb0dc9-4b4c-50f7-a103-37399ee4680b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:8b22b491-f337-5f13-add8-664a5445bc25", "id": "CVE-2026-22737", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22737 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:016e918c-4a9d-589f-8de9-d7374d86586e", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:afd01bd6-55c8-5209-9a77-f9feae8b3aa0", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:bce40a1e-f2bb-5c0e-a95f-e8146e7be932", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.39-tuxcare.11" } ] }