{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c5da404-d2aa-58f2-a773-3112667f2992", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a46b4f29-d9e9-5699-ba37-3e37441ddb5b", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:994962eb-a665-577f-ab0d-23998f12e0c2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05920cc7-ba13-568f-bdf9-2c44043cf06f", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ae3f25f-9161-5d1c-aea3-615be949d554", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:427504e4-46af-52cd-94d9-fb89f578b879", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e1cce12-2464-5113-b141-ba0a2fe3c602", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58c9b1f8-364b-55e1-85be-ae4170dd672e", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf5b11b8-cc02-5ad1-9b67-831cf6360e5a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9869ee4-f126-528f-bcc0-7b34129d0119", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:572e3b7a-a782-5719-92c9-f90e09da4edb", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5292f036-aac8-5061-8528-a97c997c21c3", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37a21729-1729-572d-9aae-acbe75254150", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:475721cc-80b0-519a-acbe-75730c823d83", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aac6c667-c4d1-5895-8dcd-6aa015a9ce33", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a596d701-c4e5-5495-8eb0-a12818fea831", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89ed85c8-0037-5557-a02c-c49a25c1de6f", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f2dfd8f-5731-5ac2-9259-a9b1075f7360", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d06c8834-f98b-57c8-953e-d71836aaac70", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:617cc32d-4fda-5d0a-bbb3-4dfafb7c7399", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33778324-7f9d-5a31-9887-eea363eeb738", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f82ea93-c39b-50d9-8386-35d86549a475", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81007764-99b1-58ca-b06f-874681e06153", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d97d6386-61df-54a2-85eb-919487b5c72e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce7e5e64-f920-570b-8805-fb7ab06dc284", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51335b6f-9b12-547a-ae31-e5bfebe3c89e", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:446468b8-3760-5cb0-b0ca-546f3135495d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fec5ee95-47aa-507d-8791-c09c051a82d6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fc91e61-a3a9-5f58-8b7c-4e75943a5b97", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8814ccd-e70d-5c8c-9077-5a58b4d39e70", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b235088e-f0f7-58d3-8447-831b7b0d807c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.3" } ] }