{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:984a314a-32ca-58cd-b83e-7643b416d758", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.0.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce9b938f-d7ba-53d5-b60b-a8bd422f405b", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8475809c-d280-5173-9eb2-03e06d2f811e", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63fa0e78-e071-5282-8d06-20d3393134dd", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69db1f49-ed52-55f3-ad6e-7406636eae8f", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d000802-0bc8-56f2-9c11-a1c828691ba2", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6873a2f1-0c89-5f63-9ead-eda35b7d6e6f", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa7d43c7-4d13-5f48-806e-d8826bb743cc", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e534754-3441-5142-a314-c740b702fd7a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bca77ae2-7a9d-54fa-b346-99e5bb30596b", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:025c1fe1-74c2-510d-b38b-e22b9261b55e", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:049977d1-ea66-5253-ab0a-b8ef16b7800f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a1faaef-e9da-5472-b3e4-6668295fa0f8", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3be4182a-cbf0-5a83-92da-6846555231d0", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-jdbc 4.0.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2397336c-6ec0-5c45-b4eb-7c74a94f16b4", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:947fd710-aee8-5cfa-acca-7f9b75aaec1c", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b9e3393-ffae-5d00-a6cd-d95f2a06bb72", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3f43c66-8ad0-5ca0-9b21-f376195fe39a", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c693b43c-8e31-5613-ae44-e3f383a7c8c0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f40af55-5e99-5664-84a8-eb090d279d0b", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ff4524c-48b3-5696-adb5-f9918b9bf30f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60195763-e1a0-5f53-8692-d511c6fc5f07", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a2bbf69-66bc-5141-998c-ff3c5076122f", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c72ff37d-e4d5-57bb-97cd-2797037599f2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d2778b4-aea1-56ca-8f26-21db3ee6df26", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d131013a-7492-5626-9299-81957e7f94d8", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01126f3f-b472-599d-bed6-8d66ee2d7f5b", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04efe3f7-2338-5e4c-8cd0-d9b98b013352", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c6704f7-07ef-5769-ab83-2fd1936ad5ee", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce61e91f-035d-5abf-bf64-c6c0f6e4d1c3", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9625283-54db-5f50-ab50-c41a82c4f2b2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ba57413-c283-51f9-9c6c-ef5bb1895cd8", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d32ac16e-8b16-565f-9ed2-cab0a4bd574a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1602d714-6e84-5af8-b477-99fce89d9be6", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5cff559-701e-5ec4-9acc-a4c209de9ea4", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a33f185-23ba-5a66-a877-9f789ef3145c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e665aec1-7576-5d0f-9fb2-494d549382e0", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:258f0fa0-f7fb-5403-8eab-692cb56fe595", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:426759b2-c999-5fb0-a1ca-66a39879b6e7", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79f9bc53-2777-5f23-a4fd-6ef795ffb1bb", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d3cc28a-45df-559a-b3d5-bcd2bc3da12e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c767b1b-5926-51f7-a974-0186819bcc19", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.3" } ] }