{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:88275f93-49bb-57ad-915a-3945e96456ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f1477442-32e3-5129-90ea-c76f2c50b9d9", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c3d16ac-43e7-5283-b328-508d49c3d61b", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe7349b8-1235-5be4-8fbf-332e7a81f488", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4828341d-8ad0-5381-9bb7-6c02ee40cd28", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46e60232-6beb-5918-8a55-480c85cfb81f", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d88473da-a4e0-55b5-b561-1c1e4f3090c9", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43db028a-c9f6-5b9d-bdec-5aad0ccb0879", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bda06049-1bcd-52c5-947a-23ec868b4d29", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2071c949-7981-55b3-83c8-c9147aa920d2", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ae0c66-06ec-509d-a41b-6c0dd14ab99a", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f410d71-62e6-5183-9274-f2813da70cee", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c84a3189-43c2-52b1-8d86-ec6687499cd6", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91a0bdfc-33ad-59da-8d53-2b7750fc7531", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a038945-4bf9-56b0-849e-99bf75fbb87d", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cab5ae7-b023-5b7c-a1b7-0f6d090e13fa", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bcacf5e-069c-5f0b-ba4c-48f3cb05e199", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7016750e-3ad5-5832-a9bb-b64688433359", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea07d68e-0eb8-50f9-a290-82b1e5679584", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad54a68a-510b-552c-bfd4-b7f91eee7c08", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ed9c9ef-c71e-57d6-8d0e-fd80ad90e5d4", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee7cf9a8-c8d8-58fe-b2e7-1950ed11246f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8ac61fb-f0b4-58c8-9732-23cddf0553db", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:989c1deb-a926-5949-84ca-edcdd31af18d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b367f52d-f3a7-515e-bee4-87a61acc21bd", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98fbf8a9-d508-55ae-a07c-77e1d50576b1", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fe3d66f-2901-56f9-815e-df4a2f1907b0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a06f861-0c87-55a0-ad44-7628adbf7bd2", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fa0ceb2-508c-55e9-9c13-19f0bb41ee21", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3a647a2-2966-5496-ac28-00235aefd231", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fe488c7-7170-55f2-96fe-7fc78f275629", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6055f4cc-41e3-5b08-bd50-adc3db5f7443", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82457826-ae8d-5887-b8d7-92735baeb8c2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fcebcb3-78ac-50b6-85fc-ba9ed9b80d90", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7950e32b-0b4e-54e2-850f-fd6422a45881", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88764fcd-dd4e-5462-acfe-188c51a11e3d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d413059-f8ac-543e-b0c7-69e5ee45b740", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7347e2fe-dbfc-5190-bd1e-32ebbbedada2", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76c4b24d-f053-5e34-8834-ac8fdd76ba52", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f46df6ee-4798-58d6-a52b-a3d06a628bd4", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cc61bdf-25cf-5084-9b36-730a93ac3fd7", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79535c57-85d8-5882-83bd-b2d050177754", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7f54317-ec04-5795-ba17-e163a51709b3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b894a7e0-01b6-5673-a6eb-5ff671d9752c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.2" } ] }