{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:635cc9ae-9ea1-5f79-b502-192ad77ea3b9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50c7dfda-4c15-584b-a18a-dbf313d7283b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b6bda03-449a-5791-bd1e-8d9bc93a11a0", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea9ab29b-234d-5afd-bf19-b810d925e1ca", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4170ea11-bbe0-5a4b-af75-38f39d9cff21", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6121b099-c7f5-5b72-bb36-77b2732b461d", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f67a6329-584f-59c4-8bd1-155647fbad24", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:387a86b4-ea7d-545e-8cf6-5be781328be0", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49ebe3a8-df9f-5b17-95a8-2c635cac7d8a", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e9c6811-5e09-5648-9108-c1f9c8b26265", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cf6f8d3-c4d9-526d-90a8-e5b8a27a0031", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3652920f-002d-56c6-8c76-06bb6bb40322", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf8195e4-70d9-5a25-a1c0-5825ffe556c6", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7b03c2a-d274-586a-995c-76c629fefc63", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f619751a-fc56-5468-b6f2-715c74600245", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c478dc1-b454-5b66-a45c-6877804aeec9", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15bb9231-2fb3-535c-bb16-b72014d626fd", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01f03516-71f5-5ce0-a667-cd603fcdf7da", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a6846c8-b0db-52c1-84eb-c5853876264d", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d58fe4ea-df42-58b8-b6da-1e8c25e6cdfe", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a727433d-4e07-5cde-bdbe-7dcc89a557a6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6876c6da-d190-5e88-814f-c3452e912e3d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0535a766-991f-5246-a8e0-86f60528726b", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b439a36-8ad4-5575-8455-ffc124e39ce8", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f679fd1-c740-5ccd-b8c5-bfb555110d47", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webflux 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b67ed9b7-9502-5abb-bef1-348f5f6307a2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64e311c9-7ced-5d76-8557-0627f5dab364", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6f16de0-14f0-5f9f-b5bf-54c0296b4b76", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26f8ff70-cb2c-5ecb-b8bc-0c6d8806a951", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0e7f7b9-09cc-5232-a910-5858e82e1be6", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6f01732-f819-5a1b-ba56-f0f2ed582fc7", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2864f546-e79b-5e27-87d2-8b7080ab9a5e", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4814b37f-bbf2-5a90-b9b6-5716d807b64d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faeed930-34d2-5704-bd22-75092dfc80e5", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d75c34e-ce7f-547d-a5f3-67eac093c1d3", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d063c97-8bdc-59c1-9f83-d6ba4942374c", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a55fe80-181e-59cb-90d8-8945543505fa", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf3bb9af-227b-558f-b51c-9abdccac078f", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36f42764-07a3-5049-be90-2f76195bb579", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d5fe779-3d6d-5987-8049-7db6c8365b23", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f60362e1-4530-5576-b5b2-0818d81960ea", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:785efe51-11c9-5d31-a0ef-93f01cbc7b0b", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:707e3d1c-b6cb-55f9-aa9d-1541fb98ac68", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f723d23b-9852-5e90-b7ea-8d29ca3a376c", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0296b720-423b-54d5-8299-acac478a9877", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:febc427b-bee1-5841-9361-c7fbb5ffdbe4", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@5.2.0.RELEASE-tuxcare.2" } ] }