{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:99fef929-c03e-5d54-8dfb-9e2e44aea5d6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d753091a-4722-5807-942f-cec9111feb7c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49d91303-56be-58ad-94d9-caf35b8af775", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e728bb6-9dc2-5be7-9543-7919fac9b2eb", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ee9e5da-e8e1-5283-952c-d34c635df140", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:247e9091-5751-5b92-9325-64a174e1fa68", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ddea74c-6b24-575a-9879-1a2d97bf6ff8", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ca6ead7-7cd4-5305-8982-457914cca765", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84466769-8de4-5260-bcdb-b1ba28a08335", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5439ca7-c802-5396-a1d8-2e9454e30b1e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2851e94c-436d-59c8-9944-3b5ff7736234", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0186e18f-ad90-5c3d-ab69-e8c29d560a22", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfb00baa-ff53-50fc-8fa5-7b8ab9626cfd", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:522550d3-5d2d-5a83-806d-6de2a7ebceef", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c727bc0-49bf-5afc-9ddb-8454d78cc08d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e601a92a-06ab-5972-b50b-f0f28a9195bb", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b465ea9-a07c-55d3-8ff2-0079049d87de", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82b3a763-f15e-5dfe-8c5f-a3c98bd77c0c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26bc037c-2f09-5e7a-b945-43d086d4a62e", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe94d50e-33b8-5060-9a88-b7ef1cbd3f29", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d59766d6-7664-5133-987c-f81c0d86b90e", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c576e27f-a300-5671-b858-410423c8083d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:273982c7-24ea-5b14-b02a-669618bcefd3", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71eb3935-424a-518e-91aa-54d8ea740a3f", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faaec786-c66e-5c09-82c7-0c73e98a41a7", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d95791d9-697a-592b-8f91-1ea1d38e2aac", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ada01566-5a7f-587a-8568-9f1515cc0271", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:580c6d69-7a18-5e17-84c3-123627a8049e", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43e91739-c7cb-5ead-82cd-b86237e35900", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.2.9.RELEASE-tuxcare.1" } ] }