{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6229d88c-2744-596b-be3e-256dd327674d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc-portlet", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bebe5618-7e4a-57a8-b938-23451f8bd672", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a913b74-d5eb-5a9c-b690-7db51a92de0c", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44856855-1d35-5749-841e-85661ef4bab2", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c750441-4650-555c-9920-ef790d155e26", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e135445-5d0c-56e9-aa06-cbde87eaf8a8", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5369f2d2-7a2c-58d3-8d97-b6830bb453db", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c692388c-8a12-578e-b638-5f6feadaeca7", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9aa3b7d6-f719-5e3e-8a50-be771d361978", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a9f19fc-f343-5ac8-911e-27dce8537210", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d2a430b-66ab-53cb-8278-36b45d5fb6b1", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7d09978-7113-599b-b79d-f746459d8c7a", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b951520e-bb97-5b7d-ae3d-8a687dac3431", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c257f7-5fbd-5320-80a1-cccdbc7f257e", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b15cc71-8095-508f-b3aa-63cf30776fef", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6350a3d-574f-5598-b9bb-42ddf459c0ce", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40079316-0281-5e75-8257-38d81a769bad", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1457ce3a-ffb9-5f5b-a9ad-9b2afe4f5422", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72b9ae38-14bb-5957-87b6-f9a37c17bfb8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a2d2b29-e804-5ccc-9ec0-096394ef4f18", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0ebf8dd-7281-553b-9a7f-c9119fa3f27d", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:387505ac-1826-59e8-86a6-5467dfd8b2e7", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:294faf9b-36a2-5f9e-b398-c71d33635a29", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c39b916-b30a-54c1-a064-ce3fe5ab1b56", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49448c1d-62e5-573b-bbcd-6dd1feebde3a", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:898eded5-d3d5-5af6-a023-7861c9e2b563", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84007256-b6d2-59d5-989e-a7cfd12194ae", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3530ce29-6237-5e1e-afa1-7b98a738ca73", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:219e6c27-efa6-5ac4-95c0-b86ad836d480", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc-portlet." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc-portlet@4.2.9.RELEASE-tuxcare.2" } ] }