{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8f651175-11e1-5d0c-8e53-3610acfa55c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.0.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:29674300-9c40-5c79-a3be-ec60f6e39724", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43f8772d-2c40-57a1-95bc-79d4cc77d639", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6356f66-4bd8-5fd7-adfe-50413b2b7f51", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6fe56a9-aed8-5c55-84af-883e02dd8c0f", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f55a1726-2019-5755-becb-55ab9a7cb2a2", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be61d178-0d8f-5289-ba3f-ebbcabf17619", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16e3bf9e-a994-5934-95f6-0140921be5f9", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:461e7e0f-3f59-5f0a-a5bb-410b0dea813b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96b90fa5-1759-5ed6-84e9-073db87093f7", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:118eb699-5672-5803-a363-ce6a87b6b1e5", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b9e0b4f-8e6c-5d8a-8bfb-c6c4d5534afe", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b0898e9-5594-5fc4-b5e5-8254a7b63785", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c47a7aaa-6e44-55e0-b1d9-f6cdab31f99e", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-oxm 4.0.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a5921ac-d656-5329-8819-507dda25e8d9", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c085df41-aef6-5ec7-8c60-cb6751f25773", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d87c5d9-4b3b-531d-b4d2-baf6c145aa19", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cece619f-0d4e-5795-a37d-58ea74069b05", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7bc0b175-61cf-5d5a-b699-40de772a85e8", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c845f345-980b-52b8-a7ae-7c6febdda98a", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ce3194d-01ed-5b0c-a886-c4d0eaafb9c7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c13c2f19-74b7-55a8-bcf0-a882dd7e9ef5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85181c08-4ece-5189-9ede-29e577288ca8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7cb993f-eb40-5a73-a13d-d04a718db5ff", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:240cbcd9-1ee0-55a7-9030-9c3f9a6a2ee6", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc9c1a1f-7c95-52a3-aa5a-7a7b0807d764", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:beef1c4d-cfcc-5198-8621-fca4c8575802", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c094f0b9-c364-5ea5-a315-2b8c1eaa5b56", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f47e3878-542d-5a96-b4a2-6f1703dd0bf7", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:884f0c14-3fb6-57bc-8d6f-1adc3a0971d4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06e01e0e-6d06-5064-8a81-1cda0ae21ed8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac05310c-0027-5e49-b226-c100582dd60d", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17177928-29ff-52bc-8ef6-2c0805ee6710", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9157a707-a434-5c43-8069-bbdc4d53f55f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8384d50d-c84b-5925-9529-04001118d8a7", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19f6f5da-74d4-576f-a182-167a4b8edb27", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4bfd632-68e9-51f6-8b12-8ddc27e25585", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17ce890c-ecd1-5e82-af12-97668ac06636", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b19de29c-fc4e-50c9-892a-8f7acebdcc1a", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b30af223-feb8-5b36-8deb-39abca19b286", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51321c21-6c1f-554b-8480-5b10fb79182d", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09225f2b-c7d2-5eca-991c-e8378aaa6b71", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.3" } ] }