{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1a71e1af-0ec6-522a-acf0-8270b8fa852f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:875e5215-84ee-5529-aee1-6ba43edd17dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:033ccd97-a76e-500d-a6e9-4d187392469d", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffa52e87-da34-5db2-ba05-9814fa0b5b21", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12c00495-a2b5-5662-bb92-d82ca72ab80a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9470ae66-7c79-5c48-af86-c19532b8f474", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8d2ba82-8c7f-5fec-8450-f969ca06c0f2", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:156b1f4f-e787-5041-b1b1-e7a9381f1bc9", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c081e21f-9642-5118-969b-990105860102", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b188c315-052b-5d85-a4fe-507b67703442", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9655899-b8f1-5759-861a-bd8ebf88c74e", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59e215a9-d908-5879-857c-30fd633ed611", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc878db4-6660-5d53-b3e3-76bca2b79f74", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e959d124-d274-59f0-aa71-cbbff26a9212", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88b96b20-319a-5b32-826e-b2977626f546", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a1b4e6b-baa5-5609-86ec-dc71ff58238e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dc1b6fe-df25-510c-adca-2df1a2d6ecc4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2adbb91-5f69-5c90-9c5f-f9358052579d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac1a7cb9-2e16-5d85-bc56-ae13a41c3110", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8d9fdde-e654-51cd-8819-56a99833130d", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0613b998-e6dd-5f95-9622-2073950abee0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:172be4de-3aae-5661-b3c0-99558bdb0291", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73916d5a-072b-540a-97eb-ce6807b757a7", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f559a1a-c9db-5ff0-810b-73ef5be08bb0", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a76f3343-5192-514c-9b5b-7fbee3b1a121", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.4" } ] }