{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3075c895-0b10-54ac-874b-32b795975869", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a7a4c443-e9b8-542d-941f-961b05dafc8a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cdb12f5-d4ac-5567-a398-d84322151e1b", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61cc7c3d-d4c6-5630-8dce-bf8b399e7392", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:218af1ec-f990-5d08-b7b1-e695d78575ed", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ea9164-aa5e-5941-8919-0a435eb19576", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84641c99-3162-530f-b096-d567ec9843b0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5410553e-a859-5757-bbfb-5c5fea73d615", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b8bea6d-0003-5b38-8375-5879889ab673", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd3f7e55-5cd0-5e40-8189-0b005be731ce", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c73f455-02aa-5910-9eb7-6cc241d448d6", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6f94a98-6faa-589e-96e9-d1765368e370", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:348a4046-994f-5b75-9f64-4e0d2ccf776a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3889b38d-40e6-55c7-8127-f7506b31a7ed", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54e3cb7e-9f99-512d-9e51-440c0c1b472b", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dcbcb24-4c5d-512c-9ee1-c234845810da", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:175a477e-c894-5c1c-931a-81594d7a2a26", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32085221-38f0-56d7-835d-20b6449ca3d7", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-oxm 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8120ca5-3860-5d48-90aa-6633f7b3876a", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e6ea0c6-1edf-5964-8317-ea76af6ed2bb", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7dd3510-ce06-50ec-b958-6bf854a1607e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0962c25b-6249-5cb7-8075-fed8c88b2673", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af105cc6-300a-51e8-9f77-d731732725e1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec587d95-95db-520e-9399-09aa87f9aa54", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dabe76c3-28ee-525a-9948-77ca37bfbb06", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f35a3f18-0773-532e-a765-f8aec046d8e2", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:885417e6-44ec-5d09-a02d-510b082ff328", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97f54c7c-56f3-5cbb-90b1-6825b5c6b259", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8930e6b-ba7b-5c40-bf76-40ea1f18f40b", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48cc5ab9-8038-5c83-9241-d607961853ef", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.1.5.RELEASE-tuxcare.2" } ] }