{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3dd88be2-a72c-5d26-8a2e-1d6c742dccad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e4bf2473-57a9-5f2b-a90e-f63a610620db", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a36577d-a68c-55ab-900d-83ea4f00a286", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:864ee918-b9b3-5b97-ad27-28a9effd070e", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ae451a-0049-5e03-83c8-9bb26b1f9dce", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:023cb0f5-60de-54f6-a1b4-a17808d60c0d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38b9bd8a-d0c0-5e50-82a9-2a5f0c86d326", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43b17089-5d73-5d41-b6b0-bbb3d450adb6", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9355291b-a7c6-54dd-b95f-dea4f2cedaba", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:723b67aa-4e66-514d-81fa-b888ba2a7e06", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cea8f7f-74f1-5a2a-90e8-0ec9ed650f50", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57091ba7-a9aa-55af-af32-dd1a98de6584", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c74e834d-c3ac-59ae-9f99-73b6c9c46867", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e044c158-9ce7-5bcd-81fe-bde256f69ae6", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:414cc6bf-eb9c-5972-a9bc-f28b70f01e54", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7c0816d-3d91-57c0-9c84-e1c16087eedf", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65199178-7180-5147-8267-d988e0f27f17", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8123a1d8-e71e-57c3-bf54-3bc43d6f1edc", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c4cdd7c-0d50-52ea-9bae-800c1e69111c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01eba974-3b0f-5474-b861-446d4fe7a189", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ae2e5f2-e8a3-58ae-9a3d-36a501ab1e03", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95a7cf57-87f4-57ec-bf0b-19c75d3f279f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:518a1365-40f3-5248-85b1-b840bc944587", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ba8a22b-2161-51b6-b332-05b1782ed44c", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:438b9c9b-aaf9-57f2-acc8-4001f85e90d2", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56939144-1710-5d79-bf48-da0ec952bd75", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3732a919-5b15-594b-85cb-758d99caf556", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7687497-8ebe-5f28-b875-387c7d29b843", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06d0529f-e090-57b8-8c65-d6a8b3de64ca", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@4.2.9.RELEASE-tuxcare.2" } ] }