{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ad232083-9b3d-5455-aa86-3e7dacfdce2b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e0621eb6-789b-56f5-a0c9-b305658b7b33", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21d96ae8-92ca-58f6-808d-dd552b372b93", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb686af5-9cd5-5ecf-ac53-6c7bada5f4d0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92b4beb3-9dcf-5cbf-910c-a82f895870f4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a089b22f-1b94-537f-982f-3023fd0b1d37", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e79edccc-c9e4-5de8-9ac9-8beff148df0d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82a9bde5-ad19-56eb-9ade-3dbf0102a753", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8daac2d0-c647-5f43-910e-f5cf39e71dcc", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c10ad145-c12d-5b91-8e4a-2cd2e37cfe62", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38490ca5-db61-5a73-972d-451c9eac316e", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:530866d0-fe43-5790-aa27-ac8457aba942", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42dad2c8-2fb0-5aa9-b4a9-e037cb7ff4ac", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a129786b-68c7-52e5-9abb-85be3f09f3c9", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80b4147c-157f-5f70-bba4-9c8dcfbb7e04", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:869428ef-1d36-5f77-ac14-0899388fa31c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20c14e29-abe1-5ccc-8342-1deeec1f27a6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0f8d883-1d15-59e3-abec-62f040b0c212", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4241a50b-64fc-5326-9da4-ba0fc532b5c8", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:022592b6-f649-5f0d-a997-7f6f08d5e56e", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a34e255-f66c-5bf3-8e2f-44b5d97a5c27", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47fdba1f-f429-5f29-98cb-5843880cab32", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:426586ff-32c0-50d0-92f2-b6679b5d3f69", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03488aa7-372e-55c6-bd5f-1ca5edc56397", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91cd7d7e-211e-5370-9b29-bda839984096", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.2.13.RELEASE-tuxcare.4" } ] }