{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe6d6857-a406-58ce-81b3-d7f617f62fd0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a7a43fad-1a88-5f55-9537-a72f116be551", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdf4ed91-cd01-56d1-a5f9-036bc69c0cb5", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a554d901-55e4-5642-bad6-4748d65586ad", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6111c41-a832-5685-a07a-b7414b91ab61", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51abc226-7f8a-5dfb-9ee3-546cae732c23", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:536be691-ce56-5dc0-b3a8-9eb788716870", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0ca163f-88dd-5169-b0bf-8fe74455df07", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f08f517-5512-5341-ad58-2ba3feddfcb8", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:961391b0-ccf4-552b-910a-096ff715f003", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b484b9c-8c75-5c24-a1d6-81243cb0468a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e43f11c2-46dc-5eaa-8d42-572c2b608b72", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:103be7e6-83ed-5b79-b0f6-dbd0bd4dda5a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3e3051b-e60d-57c0-af06-9bf6a24d5c51", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52fb5954-28d8-561e-b10b-f788bba29854", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d686c571-0276-51bf-8ab2-18f41b8fabfa", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e33b7b21-8218-5b9e-9ac2-430c079a9c04", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5008a6f3-aba5-514d-93fb-feeda34fe3af", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c36a2de-2378-57df-9f26-fdd20205b3e0", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:095d7fdb-e278-5aa2-97a8-c06120033748", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:edb57680-b740-5794-a88c-4c1462aba21f", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccb67a69-e5b1-5863-ab3f-16b6b54eb62d", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:860972b0-00d2-597c-9850-9ea153b9332a", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:639fe317-426f-5bb8-a239-87d7d3743793", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a35564a1-e16a-5a79-9124-742e967aca4b", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83877565-36f8-56f1-adb2-5c23475a4401", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-oxm. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:552745bd-9add-58cb-bed0-bcc61268fcbe", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05a5bc66-a124-55f5-9013-0d1b153ab982", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3104bbdf-8672-5e09-b3fc-7fcb3484ac20", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43e3ee06-06a5-5428-9bd1-53cc9028bd79", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c79dcf36-838e-5d59-8c02-2b735f652ab7", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e1217b2-f161-51c5-8688-eb00383d9beb", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72ab25a7-2a3e-5ca5-a307-138a6561ab6e", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e90d8ae2-d78b-57e3-9e02-a38bba0a5a2d", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9f6f2ce-62eb-503e-b725-73f391f23078", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86a48b70-9f9e-536f-8eb9-d770ba1ee1c6", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54768816-6072-57ba-9690-f4215b9fbcd5", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13a99b9c-e645-56f4-b3d9-30ba18707316", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63f2ac0a-4e28-56f1-bcbf-01d9a676f6eb", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc73c52b-d975-5214-9056-01231a0a553d", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.24-tuxcare.3" } ] }