{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:08cc20e8-bf4c-57fd-9602-26696da174b0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-webmvc", "version": "6.1.21-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6e7a6f3e-c3bd-5962-bb14-04fad87acbe1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab9e24f9-e092-5385-a751-febb34e0f4cd", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a3db083-099e-5c14-bab8-729231763590", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a868431b-0996-5aef-81eb-df55edd58cb8", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09ff5f9f-83a9-5030-8af9-4ae5b6212a9b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1d72702-8755-5aa0-ac31-03d3ae2d765e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62c0ff34-6303-5df2-8611-535eced93e4b", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f072184e-aab7-5155-89e2-e85d2c4f7495", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af001c2c-d467-5c83-8c5d-38305845b280", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.1.21-tuxcare.2 of org.springframework:spring-webmvc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webmvc@6.1.21-tuxcare.2" } ] }