{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:db0900e4-b179-5397-8542-a5c2d31c3962", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.2.13.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:be9753e4-bc8c-5dad-8ac2-7a8f37d5e678", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba92dab7-a985-534b-8fe0-bc06966b1549", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:202944da-d4d5-5f95-a345-51e109ca856d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28915041-d233-5fdd-a947-9d953d45773e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed4081fc-b6db-5158-bd2f-9d6810bdda36", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfc67704-90bb-5bbc-b390-8358edd4f7d9", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c18d6110-7bdb-54bc-b5b5-202c3df284e1", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff9a0e16-7298-5cab-beb4-48545b61f44a", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f58927f8-658b-5cff-9946-e54d61bdf202", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40b46250-3725-51c6-9c39-7cf7a278eac6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0de1046-f660-5adc-8364-cbccf1482950", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d9ab450-b409-5927-aa5a-45fb41076309", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c9545b6-d956-5f0b-bafa-115b2ad2261b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bac73e2e-26b3-5657-a9f9-1a0863d2dd48", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48007d90-1f12-54ef-ac98-009f9cceb5a0", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4cf5aa3-45f9-576f-9736-fd69f3a300ac", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bda700db-d5cb-54bd-94fd-2a511be19c75", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:305c18b0-e201-5bf1-88d8-a5d18cf54225", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d6056a4-e47b-5334-90e0-c196a05a64e7", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36dc5152-7345-55c4-a282-26840da75a69", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95d5d864-1b81-5ed9-8443-8dd621f6050b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df54b6a8-aee6-579b-a169-05041f633675", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42b6f777-18f7-58f7-abe9-4e033766d132", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abbcafad-a24b-5c04-bc5b-ee3e3381949c", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.13.RELEASE-tuxcare.4 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.4" } ] }