{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fcb493a1-83ff-50f3-892d-065bec7addf9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fca5bce2-ea0f-54cb-8374-bbcc4db9b10d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d8fd4e1-10c3-55b9-8ac6-a0bb27dcf59c", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc5743ca-500b-52e9-b681-e4108f0a9ded", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62019524-8fe2-59f0-99bf-8fa59e91b853", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb967cc4-1fbb-5981-a8c9-5aba66309392", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f87dc4b9-df1e-501e-bf16-3aa5e492a844", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:182a3fda-7c6e-57b9-83a4-d21a9c62aa47", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbff3728-085d-51bb-89f2-0c5d853b9c43", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37749fd9-f443-5040-be3d-9cd44f08470d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a33305b5-4eb6-51f6-b436-cc5998b3ca7e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:508f41af-bca3-56ed-8ae2-f84ebf9e2358", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19b521f5-05fd-553b-92dd-76a554c7ddda", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:887284ba-4db6-5d5d-af35-8cfab3ae726a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7beb918d-93ab-57f5-ae58-09a71f34c5b8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7da464b6-ece6-5929-8e31-d433228d8419", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9414022-b2c4-5ae0-8adc-610866c91578", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd3bc81b-4661-58ed-94b2-9f2cebc0a890", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:886bc4fa-a6a6-59c4-844b-255fdb9f6650", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d573a1f4-0d96-58b6-aadb-3f8100e699f6", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7302a20-922a-5088-a0a1-7b6902e0fecd", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc4c5dae-1837-5c76-92a8-c11949d575ff", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21c35a0c-3040-5579-8008-b23ad2f29e06", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae7257d1-212f-5b74-88a1-c3fc388f143d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e454db1-700f-5f99-908f-f744bac04231", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39dae541-3aa6-5c69-afd9-c54c24a201c3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64a399e9-200f-5f78-8a00-d39df11eecd6", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d02ec791-ea8e-5c92-af5e-67eb193888c9", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ac0d913-e1c7-525b-8ef3-e68a4ad6c5a5", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a4be9b5-63fd-5432-b6f9-937de953817d", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23789912-bc31-5b32-bc76-0c179e84d85f", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2fe8737-5c7f-5375-b8e7-f328acdce7d1", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:325da00e-347b-575c-8b40-fe1a1e08ac29", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d36ce0ed-c580-5b49-a1de-a4eea4b1fa05", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b81c92ec-7d5e-57e0-ae33-b8c203bbc2c8", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04510367-bebf-56ae-855e-61a9fde88ceb", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10b4a017-3a90-5855-9afd-7109387f9007", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6509847-3897-5815-99c0-54e1b0b49fcc", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abe0a970-31c9-586e-bcea-6f255a5fd299", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce353d91-2525-5533-b15c-3a90e12d49ff", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f3369a7-4206-53c8-a63f-eac64858af6b", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28130aab-d88d-594e-92f4-c989681f0b3a", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72a88de0-ab22-5f71-bf81-a75e6bb06fe8", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45d1b5e8-deaf-5d54-90a0-676be4c93d8e", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e46cd03d-cc8e-57cd-a5ef-fe12d97744d4", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:360c2613-5056-5214-81a7-19c9ad74e0f3", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.1" } ] }