{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:60c0beb3-3750-5f16-bc81-436d2590cbc9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:199d5cfb-b935-59c6-a334-76e8e5fedbfb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:586a96b5-63dc-5a02-a0ad-25c04bb1d392", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66f1bdb3-703c-5910-b72d-2629f8bb13c5", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b50f229-9ef8-5830-9c43-71bf2be8ac92", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3364a7f8-c997-5777-bcd8-a3046326f239", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4075e41e-3c8a-5ca6-b6ea-fbd392da5fb9", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:499ccc40-66ed-565d-a403-0e0e67f1a048", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:529f3956-5c14-5e90-973f-51f3c1209a7d", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04e6b727-b71b-550a-95b0-03b210137b43", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:343401c7-f090-5e3f-8f19-e23122eb6b57", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22b4f72a-27c7-5991-932d-6a4ead2b51b1", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaefb31d-e545-580a-a188-035ea59ce088", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5758d4e-45ee-5d0d-8ad8-a42823d12908", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b04a920-c9ad-5576-9da7-c32452bcf63d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6e6676b-b136-5cb1-ae52-d1b8889d5d3d", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03564d76-dec2-5ada-b19e-b27681ff76aa", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f6d1335-af1f-5e3c-bdaf-7041af7efdcb", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b167cb0c-c5ba-5f72-a410-056c5376e189", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:015f55d4-82ca-5b23-ad9b-66a81a569155", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:656466ce-19bb-5152-bc41-89cedfc1019a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11b8b067-803b-574a-ac16-03264316a23e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32ca953f-0e93-59dc-854a-c17ce2cd736d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ff3e48c-cb0d-58f5-b87e-4d04bacc8ab2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a02dc85-27bd-5763-a353-3f4fe50244da", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c10c36ea-fb16-5e17-8211-ffa7f608ced6", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6af2564e-5b2e-505c-bfaa-82a03efde3c9", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cc7afff-a716-50ee-a3ed-67f90d4d4549", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7974e7b0-379a-51f9-8ea4-a6069f55c135", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:038ee032-6ae2-5c55-9726-338a25582ed3", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8ed49da-02e7-55a4-a8c4-bcdc4d022528", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6543114-cd4a-5496-bfd5-8180e9c921c6", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d8bf678-2140-52f9-8dae-3f7d20078dd4", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a989a0c7-54ac-523b-9f07-16cae5f4c742", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8183e42d-8683-54f3-8fd0-7eb6028dbf77", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b533ad19-5f2e-5562-9d4d-943d9d4afd69", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92a4be72-0a9e-5edd-bba9-310a118f2fc4", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:441005e9-68a9-5c2f-a9f4-f724ef0a7e04", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f09bfbd6-e4be-5e97-b8cd-8ce4983e40d6", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95d7fc85-69ed-5643-bffd-2e746b1b1cd6", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dacf451-b519-5a28-b9f7-e2f73622a0d5", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f9656e5-83f0-5956-9215-0f21f128982f", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22b34493-49b4-56dc-92cb-2fa119ccaa8d", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27de0cf4-336c-5259-a730-4085046c2365", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6104871-5bc5-58b9-a8af-8783a5467d19", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f84314a7-aa59-5c38-b453-eb9caebe9023", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.1" } ] }