{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5446f3e1-628e-5cd8-9a07-b55eadbf0366", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2e9dacc2-2b53-55c0-a4d1-57438f6a03e2", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ae357bd-012b-5400-bb2b-6be35c3c0ee2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fa85fd4-1c46-50e3-9a70-c6b4036a824d", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6a7d06e-ab70-5a39-9f7e-98a520402a80", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54a483ba-d491-59d6-9ba0-f52d16d9441f", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13089a90-71b0-5d1e-8ff9-537c08d9f41d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b056eba9-0a96-520d-af50-d58c9faea211", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b267ec7d-4de0-5700-9029-e14fccd04eb6", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f4f3e9b-2a7b-5dac-8bfa-6b2e74b72357", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c428b1da-97a4-53ec-b3b4-378903e85907", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:242a1cb4-e086-5f71-9003-66006623e31e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b811734a-d149-5496-9913-f3496cc29dba", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b68fba28-3583-5f17-bd44-0c5812051ca2", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35f1aa06-1648-58ae-beaf-ad38043a30dd", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:690f87f2-9c82-5758-9909-cfd6cb7ec815", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be32cafc-5402-5236-8b01-0a67cef3f153", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4a037ac-c241-5fb7-bd52-dab8d14ec176", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd58a8e1-581a-52d5-9f99-fc68212b21c0", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53168c33-d723-5b51-bf3b-978906eac376", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b07821b-3926-5c6a-ba6e-60ab129dcf0a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f95cae06-188d-5be0-bdd3-727b939ad8bd", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:593091bb-21c7-56ba-96e4-7ab599c33922", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9addb7dc-e82d-53a6-9b5d-6ad55c5dfc63", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4524cf20-f6c9-5362-89cb-54598f6d7736", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98ffdc37-93ac-5409-b2ca-fdb1836b9a36", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37a1fe5c-7287-52b6-b047-c2120633ff19", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69c5ccb1-d1e7-53a1-8280-2aea3cc28519", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4e198e6-b50a-5d3e-8786-4ca47aff5e3f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82eec923-6b6c-5617-bc14-b3dc4352f615", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1397fa7f-f70c-5659-a704-71c0b9ba493e", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.3" } ] }