{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:366f0a38-d185-5044-8543-97c28aed0bee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.3.24-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1856ad7e-f5cc-578e-abf4-975f73b856b4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83a96f3c-a12d-53dd-8718-57ca70bd2031", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa44e13e-2cdf-5eed-8206-ca8dbf6dc725", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20d8dcb3-add3-55a0-80bc-0599560e63d1", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:677273d6-b753-559f-94cd-15b8df9ef07a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4d38f98-bc39-5510-87ea-54a301a4d954", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41fd6b72-8ed7-5c40-8768-76184de10569", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c07a1e29-6ce9-55da-85a0-8e2af0637c3a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:611abb8f-4bbc-5707-8eed-7bd84ebd53ee", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40d174b7-fa02-5fbc-8435-3abcd8e2b1c9", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab71a5e2-01d7-5dde-8c6e-5d74846af54a", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac64d67f-7b8d-524d-9d43-b2e6a387197f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2860692-95ab-52a5-b3ca-104a1b54d59d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77b270e2-5b63-5434-a16a-0a2646110bf5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99d15adc-d369-5420-83b1-789e10ef1089", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5088a8a7-863e-5ea8-ba27-80ea41ec9614", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b70ca95-eec5-5e5a-9d3a-e96fce3bc95c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4dbf5cc-e380-5776-96d3-147bb3fa1069", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a016ddd4-34e3-59bb-a912-5d4b60317c90", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:760f658b-f418-5cf5-83a6-7d9df5ace8d6", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:554d37d9-a9e0-5271-be67-cf999c9920cb", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a57ed62-bc52-537d-ab62-836d98c7e293", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ae82325-aa53-53be-a14b-46fdaea7a625", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:687620b6-1a2d-5047-b376-d2ba91e6f2d6", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:371cb4bc-33ee-52fd-ba3a-06edf8c4de18", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f1c8b94-877a-5ff3-b81c-bdf26bbc9e73", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5cb322d-a2f4-5243-9d24-cd416c917cae", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99016a96-3ffc-5ce6-a5d6-683a3827455f", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:527d5a72-2f2f-5a70-b5fc-9fcccc59ce31", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b803e92-31a1-5e3c-8b7b-f1a400476e84", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcb169b9-fcb8-5646-82df-adf28c3e46c9", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2d88021-638b-523a-b346-62d07f927289", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b084a37-c753-5cd5-9c1f-177ba039646f", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cba6f358-ccbf-5dbe-bb02-22dff7b0ff46", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bdd1926-366a-5e27-9270-df91a466704c", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:620002e3-f34f-5287-b1ea-351149c06430", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05722320-2f07-5249-b069-20819821e227", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee72b5b2-0ca4-554d-b078-554ff0dd82c4", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00866a84-025f-5f65-a379-ba8e892f8988", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.24-tuxcare.1" } ] }