{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b81a7a0f-3dcc-5189-9a6a-6240a354ec0a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-webflux", "version": "6.1.21-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f80976fc-7e25-533f-a623-cee69b340b9e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0c3ae5e-2d14-5c48-9302-43eded6e58d2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b738442-81ef-5e83-be84-df8e93dd2205", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:642420ef-c12f-5834-b2d4-0d5a05bd0b4c", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a62f1bed-6b31-5a62-8fa8-2689d2a075bd", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67b76ab1-b707-5284-aa4a-3a39f34a4f64", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f4589ba-3813-5da8-9e04-d1c20d0fc78e", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cbb240d-27a8-5881-8ea2-7c1d76208a23", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:840bd5d7-b745-522d-9379-29957a1507a1", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.1.21-tuxcare.1 of org.springframework:spring-webflux." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-webflux@6.1.21-tuxcare.1" } ] }