{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5becdd30-571c-549c-a729-275987e172bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:974bb3cb-d8d5-55d9-be6f-512d6e979d43", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee284272-66fc-5104-8ccb-c792e4581f58", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9643fd81-6171-5ce6-bbd5-7cb63ba83595", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ed45b44-f06c-5225-b7a5-39032970ac9a", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c371d3a-8604-56a2-a23f-157aff6bf668", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6831e564-93cb-57d7-90c6-908da1b040a6", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87c4daec-d0e7-5e8c-b870-f207bd6b95b7", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d25d7365-b18d-5f9d-823d-92849c84d7ad", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb15a4e1-5ec4-518c-81df-662b94bf7d7e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7de3e89c-83b7-5f0f-ae60-574b2497a6e8", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12b398e2-83c0-5e68-b3fe-a7158b72e429", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e58ffea2-4fbe-52d0-af05-c64fe8e60cc9", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b31766d-0f31-5b1f-b84c-8e43a8137502", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c1dd52f-bb5f-545f-9246-9276ae8a0b98", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a4fca1d-0f0d-5dfd-a49c-d829ae86ef8a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e1911c3-049f-5174-bcb0-cd4159f49c24", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5ca6eeb-d15a-59be-b448-33d433327157", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec701bda-4aa5-5627-9f4e-488c8e48f140", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:489cceea-1dd6-5df2-9c59-5167384d1396", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8dc4ae66-60e6-5172-8891-45b9fefcc4ad", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:becf0cf4-e723-58c7-996a-91b1959d9fb5", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:384d91ef-2227-5d67-b161-889da82f4711", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0871971-7e60-54ad-874b-82530a0a5e13", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8547d3d4-24f0-583c-af2e-b1ab9505b198", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-webmvc 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9550062-c31a-5789-ab86-0cc88a00d106", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aaf66600-10c1-51ee-9ccf-c0c53ab1c814", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:511f0167-4e0a-5e42-a80d-f189ff14bc2f", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13951e84-cae3-5480-ab79-fec24855b424", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:015bc68a-c6cd-5e00-a0b5-1d4ae8f33995", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14a45e65-005b-569e-98c6-5a2d8eaabf0c", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3533c653-3a1f-56d3-886e-8892e6146dbb", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cdb9370-f725-56b3-8d4a-fdec7c1c2cd2", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd27e5c7-9906-51f3-8074-7c54fe247ef6", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d75d5fb-c0d5-5e48-b5bb-f1e8a13fa69e", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffc763ca-ff31-5573-9f55-2aff56519fea", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d674f078-bd4a-5485-a4f5-9f8da33d1df9", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8e7fad9-7121-5ab1-adb0-72ddd9141692", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22112c97-32a0-5b74-9c20-c26664e7f18e", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1474a6f0-8c21-54ef-9e1f-5007e7c31f3f", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c8d0775-d96f-5078-9d6c-db6086f261e2", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a298db69-2665-5723-b848-4d3d673ace99", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0831e7f7-8921-5025-8f66-3b1913841187", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37656e9a-a0c6-5539-be44-5cd3f445263b", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af1f98eb-c7a5-550c-90ab-02a505bb6047", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f58c4190-c499-5b2d-8546-c7c17040bf78", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@5.2.0.RELEASE-tuxcare.2" } ] }