{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2e523d1-6623-59bf-acca-13f4f865c48d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a12eb5c-de11-5b6d-b396-4753f70a7ae9", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f01563e-c3aa-56cf-ac96-540043559f94", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5c13d4a-1078-5248-8fe3-00af1687553d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1634c524-426d-5d5a-a075-22c7869ebcdf", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2141cd1f-aeab-5981-b198-151b2b1a93b8", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17c85eaf-dc86-5698-8dba-89320ecbaa18", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b227bab5-e8dc-5fda-827a-3585e30564b5", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bf909a8-7d6f-5de8-9f79-0ed56dbd5980", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ecc1c05-1899-58df-892e-098ff835c986", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34149d05-9c1a-592c-833a-bf1dba489cb7", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc22ec96-cf93-5978-b199-81926e563f9c", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ea74794-58e5-554b-bed0-8205c1d0cab4", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29d69167-f3f9-544a-b482-249124007aad", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.23-tuxcare.3" } ] }