{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:25311097-43ba-5c05-87db-54a3b9660695", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "6.0.23-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cac822a3-4a46-5af9-9ebb-f44731e855a7", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2c2282c-c0df-5f20-a501-f22451d35b6a", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48ba7ff4-0936-599e-9c17-c9449e858ba9", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f8fe620-a43d-50e8-b7d8-bf8c7d78d70f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46321645-ab49-583f-b1be-d7cd915bb304", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2130abd-8474-542c-a898-2bf73f969627", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f41050ff-6e02-5a6b-81a9-188ceb0957d9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36ef4288-20b9-55aa-be14-698c202b8f3b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eac1413b-51f5-5afb-870f-179b6d38bd48", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5584d15a-321d-577e-a3b6-e740f85f6733", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdef1b07-c8cd-5e11-b007-540950484687", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c746d2e7-c2b2-54fd-a32e-2b4f175c6acf", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbb80a8b-6e5c-5b1b-adfd-05d49abb8b58", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.2" } ] }