{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a79a9572-86c2-5b82-9008-339b7848527a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e42790c-c1ea-5b4c-a268-ba325cf28696", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d2a531f-cf6a-56b1-b857-0ceacc0210bb", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bba3e1e-6ed3-563e-8b7a-435d4d62a58d", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3081444-d32d-5edf-8c85-686e0ebb167c", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8261b3c8-c135-5403-96de-1a493f22c490", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6541d212-8fcb-5acb-b6e0-08ef615b2286", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1fd970e-5c4c-5117-a024-3cd91232e02a", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5053ae3-d04c-5b02-9f59-7b3784348518", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef640d1d-9745-5dda-9f1e-9998e9bf9a14", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2eaaeaa-81f4-5c6f-ad0d-c57999d04e07", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b3ee952-2fe4-5dde-ac50-96ae0d2367a8", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ca9b939-0bed-5188-b0d6-4fe7bf9e14e9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8d8193a-51f4-5af1-99dd-315c835cff50", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:693f7f80-d4c3-53f4-a5b3-4f4500a86137", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7641f8bc-100f-5519-b987-2dec2c52bce9", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fe49292-01b0-5ef4-82ea-3fd68b27bd4a", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-jdbc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adeb4013-fbc8-5d55-9924-40d7fbe8e10a", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-jdbc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f38a90d0-d3e1-5e61-a28b-d71c0e84e905", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-jdbc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d991b41-5437-5fb3-9fdd-2eaafc5d9a1e", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:988de032-dd3a-5d95-b673-3bcbf74b1c62", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55e7181f-abeb-5d85-b7bb-093e5ea01277", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3aabaac1-7906-5648-a2e6-5049fdb97738", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e40ac88a-c8e3-5f0c-a88d-f4f38ac57c88", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb0e1400-4a45-5bc4-bdc4-f09fb7d84764", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ce72799-0e9f-5f28-9802-2489b253e1eb", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c398a59-f5c9-53bd-82cd-83134666dd44", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6746050d-a700-5e5d-a3cf-3989e075b021", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a24b072-75e2-5490-ae9f-934a8c9df159", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d7ba773-a750-501d-9b4e-07dd89a8d836", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1245b1f-d866-5914-aaab-5fd2b953fe59", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bf872a9-7b8d-512f-9a1e-9a8f10a89c7a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a2a97ea-52c7-5519-884c-4241554306c7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13524286-b59c-5a46-99fd-499453528146", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90e8024b-151f-56dd-947a-f3494736587a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29f2b37e-a229-5639-8b2c-c97e7321b47d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bf7c11a-7fb4-5a86-82e7-81cea0e80f43", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:067d7cbb-acf6-5155-a85b-5e6d13f5e9f0", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3eb58172-04ca-5a82-a7bc-d7fb72e58fa7", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41d1c6d3-5d5f-5244-ad13-eb56c4fb7f4f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eff54682-64ff-535d-93f2-1978837d2063", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-jdbc 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eebf7317-99c7-5861-b532-b10508bd78ee", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32663bb4-efbd-5934-9ce3-0bbd09a9b55d", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdc0a5f8-a3c9-5c17-8b90-14dbc693111c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@3.1.1.RELEASE-tuxcare.2" } ] }