{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3a426ed1-3e55-5e25-ac0c-da861dc3ad56", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f01a63eb-98ed-512a-a5dc-b096ecbd89ac", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28bcd3be-5e6f-536b-b5ca-42a06d61f4da", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f7cc72d-ecac-5bd3-be2c-43dcc005486e", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29c1f562-7f83-5732-8cb7-c98682fd8c74", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:624f967f-fa25-5e29-9aa5-44dfb6039d11", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b86f3865-9c6c-5d29-b451-db3f9c959df1", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d705b5b8-05a3-5cbd-93af-d51288a8e695", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fec2b987-889c-5e5c-ba8e-b9daa2d47da4", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a47ec421-9ac7-5da2-90f8-2e147e852ef6", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad64ded2-53bd-58fc-abd4-de2a15708fad", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f55e43d4-1307-5f8e-b7ff-f3e3185b4ba0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cb8d493-89bb-5355-84cc-ac464954808e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5c3cc75-fcbe-5a2d-86d9-d11aede3ab27", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f5f59a-8881-5a6a-9bbc-f0a8498a1f4e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4493958-95dc-5021-9469-393a920728b4", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a154b89-4fd1-50ae-a676-3552e8cd9111", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2af5e7ed-c6bd-5f22-8e89-0b5af830466a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:915de982-2ef0-5899-8ead-b6f461e3b5f6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2eee281-bc37-5958-8794-d4b153d45ba9", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8402ec8d-6b35-5a5c-9433-127935e033d1", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:153d9343-c07e-5b67-bcf0-f7ab3a909c3f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2cb25d6-4ed0-5f14-a442-a2ce2bb9436b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaf8bf05-53b9-5ba7-9dfc-835cc7d18489", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aba4e531-23ff-5c32-9890-2787a318da86", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abc67d0f-9e2b-5984-a7af-68db6f28627f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d728e26a-cdb9-5e8c-925a-d4e5ce4c54ee", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c02564d0-e0fc-54b5-989b-8bfa595d15ec", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83a9dd67-378a-54d0-970f-c22c232e2236", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.1" } ] }