{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3def8872-2a53-5fb2-bcf6-e7de56bec7bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a3f934b-bdb7-53d8-a033-624443307c9e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80c4de8c-143d-5efa-936e-d9fa21c5e2f6", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3270c124-73ce-5985-9cb7-9f32aa422e2a", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:819c8b59-2548-5941-b890-a632c3434a1f", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e235821a-0e61-5f89-b978-ebdf710b0aa5", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:847a6fa9-0226-5f78-98c2-d7825f9f96c0", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:802cee1c-a9c2-5581-be88-18e355164bc5", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9157fc6f-a063-5765-8cdf-17e30bc87ca5", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c86bc22-d782-5d21-9921-8199481808c1", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89196759-38d0-554e-867b-6b6a0ce412b7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5be9c1d-f2e4-556e-a327-c530a8ac11c0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:beb9ad51-a964-5a74-8b42-28c9d30e4477", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bab19cf2-3b4b-5809-b58f-f08c67880468", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aa8be9c-716a-5106-919f-ad4275ef8948", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39174027-42c1-5956-a89e-a2265517800d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faeedc96-dc95-5d81-af3e-c10afaf99610", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f532cf9-f1ab-5ed1-bd5f-e02328f43227", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e099a6e-b6a0-5d7b-8729-2902a02f3526", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9c162f3-03d2-530e-a92f-957d387381a8", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37611b71-b3f3-518e-8289-9fba4a17eece", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da02aea3-00cb-55aa-90d2-be18a3cd952d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79ac5d73-85a9-5006-aa83-c9524b20dbcc", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27230756-6280-578f-a95f-d6f36bd459b5", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0405c5cc-2e5e-565e-8b23-e24a1870c8a2", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8fe85c8-a4c7-55d4-bf33-0ceccbfa2367", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b5a3c72-3635-539c-8526-ed136c5e51c4", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27d05d12-a50c-5186-99a9-bbd4c3a144be", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eeb1cffe-c9eb-5802-8ecd-2681f3514a44", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.2.9.RELEASE-tuxcare.1" } ] }