{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:605ae490-4630-5507-aa9f-6f36f1680fea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a867a823-e402-50e2-9031-5af43905c57b", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12adf715-1325-545c-ba07-48926583670f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da3db301-7bbd-5242-b1d1-5da104e0ef18", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:393a79d9-1b24-5928-a48d-794d4d84a30a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b5ce197-b26b-5655-93ca-a73887054156", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3422c7a-22c2-5ca0-b76a-180b5d94fea5", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ab4837e-a0cb-5e3b-a0b2-96c70b524ed8", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5afbedd-30cb-5591-8a88-655566fe7e66", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d9151c6-a261-50ba-921f-12d01296f939", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ca76142-b612-5fb7-a799-9126b17d1410", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32da11ff-37b6-5832-b93d-6425e0a421e0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be5d2be1-42d4-5754-80b7-9e662fe99431", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9433a88-7cad-5d70-b0db-6cc9a4dfd457", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d102ec3b-fc19-5ef8-9daf-b5d25ddcea71", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e22b41d4-adaf-5d80-8bfe-7fe29ea22d6b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8007bb7-9b46-5769-8495-2cafbb3c9bb7", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10cd3f27-aa2f-576d-8554-8ba6e9055f83", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80ec34e4-0d72-51b0-85de-635a9dfeb64e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8cf21352-763c-5aef-b508-f5a79a8b9aa1", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71bac29f-018d-5734-9535-27a082cf45dd", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bb47d79-127b-5276-9760-e14b250fc3f8", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee2cefd0-f830-5e99-a6f0-08c40113fa0c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac26962e-36d7-5b3e-a933-e4f421d388b1", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41d94129-c4e2-5ff3-b976-69908de37028", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40cae1f1-bb02-58f1-abfe-97181b856f7a", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f1a9165-73dc-5121-80ab-2e7a5de4fb76", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47042abb-991d-503a-b64a-005311fa808d", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d59d26ff-2578-5b06-944a-e7651cc882ce", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42e97b92-20ba-5928-87bb-829cc8c964de", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ad8829e-3a08-5840-8ba1-f415177c762c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.4" } ] }