{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:42dbf026-e1a3-5f84-a96e-5fcdb99133ad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:39be7e1c-00d2-525c-bb5d-390886f4cc43", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0eba1e55-b412-5d6a-9197-5699911fe261", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f014688f-d80c-51c7-a8a9-abeeac724f1a", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b127a4a1-99e3-565a-9b49-621fccac45dc", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76bdaae0-e53f-53fe-80dd-23270965b362", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfd42350-f163-526c-9fe3-125e9a439248", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0aa52063-f812-54b4-a468-e245aa89eb5a", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d3b3725-19b7-55a8-9f5d-5ff0a7da892c", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfc7f3b1-8553-5a0a-a33b-1d9ddc363d47", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03164f00-8421-5395-8f7a-87f88fbddc8f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e330f61-d905-55c7-8bd6-11fd73ff89d6", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:944f9268-de58-5043-b527-d27661eb758c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e9d4d58-99d0-5a76-961f-c5d4a33abff5", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2be37c86-c35e-54d8-8c2f-152e6bb5a037", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8c17dc6-61db-5977-8d5c-560072ad4db8", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b13dd941-0f7d-57a1-b0c1-48a079a488bd", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63a1441e-2beb-5b6f-ae1c-4039cca65113", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eefc9f1-0c8b-556c-8625-8560ac647cae", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab1c3ddf-9c0d-536a-ad10-b11313dfc826", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:655a956d-3760-5c45-a0f8-d43b4103aa95", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa6d6c9f-53f6-5a76-8325-a616f0d16b54", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:258aa37a-fbfd-5e72-88cc-46e52d98d44d", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74ccb1a7-5eb5-52a2-bd89-6bdb1ebeadf3", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dedeab85-f691-5bc7-9251-17e1c1972be8", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae61fb04-5a67-5e5b-942d-0cafff5bcbf3", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e4ba90d-344e-5823-a234-f89049c5f8ba", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f80e0e52-dc24-59b8-a8ac-b7937d4b53df", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:414db7fd-09d4-5d1b-957f-bb806de626e2", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@4.2.9.RELEASE-tuxcare.2" } ] }