{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5b64ee1b-f9f1-5cbc-bf6f-01869af80ef7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ef778e6-f274-5787-a12f-74cfe203f865", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4186dca7-27c5-5150-b50b-f99048947b57", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cad582b4-ee60-520e-a78b-2b2f7cbb3cbe", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a0101cb-90e0-5af1-aff9-8b45b10a1f7d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d23da15-a7cc-591c-a5b5-aa9bf12fb5a7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f129f98-47a7-58ad-8b3b-9772e170a94b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f32c8d93-ceed-53dc-b0a2-83a3e285f08e", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e94f545a-6a90-50e3-a904-a52e397fb247", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b670c298-7afa-5254-a2b2-65eed71a54cb", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fe1faa6-4c89-50d2-a9ca-44bf01f9e8c4", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44b28d56-47d7-57c8-9d59-59ac76b76d77", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a3c9e61-ca2c-5016-bf63-7c2710fee5c9", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbca5df9-4e75-5b8c-aa26-1ba62a52159e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44102706-4a90-5b7b-ae2c-5e070c9633a1", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14563f3a-3376-5722-b5e8-6701e27459c4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d1f1039-a7c9-54a8-8903-fc17e7785b7a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf0a1cd8-156f-58fe-a929-0e5536a35399", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64256c53-77b1-5acd-8510-9403bb7107d3", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f37b5fb-d3b2-581b-b4d6-f9bb55d856c2", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20285d40-05f5-5105-a3a9-55068c2ba318", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a00f09eb-214c-59b8-8461-7448ab24ee19", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dbdd139-43ca-5639-9e37-7e0b666ddb30", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webmvc 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f408971b-4fef-5498-91a4-abe11c8dc831", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e140813-3016-567e-8737-41afbf7b9556", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd3f2d95-4dff-5326-bd46-acec2b1c1e88", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:280bf0d7-075b-5f25-8e73-c7dd010d2ae1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad930f31-caa4-52d3-b725-23795664d483", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.7-tuxcare.2" } ] }