{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b654f067-69e8-5298-9df1-f9d934da4cf3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0b646ea3-bb3d-5f4f-acbc-370626d628a8", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b87594d7-1061-54f5-9113-d357ab8a0991", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a70fdf25-5521-52ca-a3d1-9788924c14b9", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afa4ddf8-62b9-5632-8aa0-896a24fa6ef5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb54e4f0-7842-5896-bf28-fd01c0e29c69", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f54c3270-7d24-53d4-9b85-7db7e327dd47", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43309cd5-6fa6-5c3a-bc3d-88e5d3d47184", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:677ecc17-367f-5696-b28e-f6ce151450cb", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d22e5d2-2cb5-5105-82be-e73ac88b6eae", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef16da70-efb6-5fc1-981b-d499e56fff45", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c3371b6-2f79-589a-8bc6-43b6c0e01bf3", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2938a00a-048b-5d9a-8a0e-62c784f35e80", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3a60c2d-6ffa-5d0d-b384-4ec67862dc85", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.4" } ] }