{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b00e9040-7737-5866-b201-f4268ce64369", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-web", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f725ee6a-f8fb-53ec-aad8-b8223aa98782", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07a5607a-5786-512e-82c8-da249dcd064a", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abddc7a9-33c9-53c9-b2f8-f80ed8d6e66d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66fa4e6f-9308-5a01-99b0-32b27fe37f06", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df6b27b5-701c-562b-91fe-06c813c1ac1f", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c11b60d-9a6f-53a8-8702-51574090d61c", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37d95da3-5e2a-5414-81d2-3ec8e14cf2f3", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4657c847-2a6e-54a2-8092-dae01975c9bd", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcf3fe6f-a766-577c-ab30-beaf8bf80b9c", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35ff5873-7dad-505a-8b49-fa37f8b7b640", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bd713ab-5da7-55df-8528-4baf5c78c578", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:496c4e1c-8018-5a99-85c2-0a502d8d26f5", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaab340e-0aba-5b6e-9d6f-3ed501c07c0d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a4057ac-3c45-53a6-8ac0-0cf63b7c5a59", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88624c69-b0e7-5661-bed0-2b7b5a900f98", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08b1cf13-35b7-59d8-a8c9-f5b0127ab558", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66cabe8f-1ed7-5345-9318-8c60f930bcf9", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24cc176f-dadd-5b9c-85ca-41125097fcbe", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a884e7f-68b6-59e1-a983-8fb021158990", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e705b55b-7d30-5481-902d-8891fa3ef622", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83907b35-cdda-5e04-b4ca-a33cc1bb0e91", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d691bd71-cf2d-5457-9fcb-80ce1a99fc43", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fbb50fe-61f4-5ea3-94a8-8307cfdef7c0", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ca10102-fc54-5690-9f3a-b4486e8d4853", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f5421ec-4901-520c-9796-d6f34552ed5d", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f337d0ea-018e-5b5c-993b-4cf5a30b2113", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41f8dc35-dac5-53e0-9c9f-1e70b1036037", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fcac5d5-d167-5b18-a556-3118d5794ffb", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32f20b8b-a063-5d5e-b389-0efd203601f2", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:249745ed-2cce-5db2-9b80-38cfcdbda14d", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f637607d-6d5f-5c10-a1dc-38146a67e84f", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6eefdee5-c51b-5280-a788-b2d0786ed5b4", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85601c49-31c1-57e2-9c60-30021cccf307", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce066e3d-9443-582c-8a29-21ce1b8d1316", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78b14b7b-39af-5d6a-a05a-7e1a2679f46b", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d033dcc3-a8b9-5422-8466-bdf019ea7a09", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c449e35-3b0c-5342-87cf-27b864a23e6b", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2abaca77-95f0-5a1b-8734-eb448d0616ec", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edd6a3e0-1df3-52d0-92b4-02ade41f671d", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.1 of org.springframework:spring-web." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-web@5.3.25-tuxcare.1" } ] }