{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dca1f819-da33-51de-9b23-3fe48e0d8151", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e89886c-9187-541d-9271-d2709c891bfa", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a245521e-507d-5cf3-af70-7dc0e7487e91", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f03c4c12-188d-5711-968c-2b2c971b6cb8", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d6932e7-a777-5be9-9a83-d984fc84487b", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82c9b79b-835b-5768-9b41-b6402c2d0dbe", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19bdbd5e-5ebe-54bd-bc65-13e5bb13b3e9", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa8ee583-f5e0-5919-88b2-5b8b56845828", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1309a778-243d-542f-9b9d-f85d15ac427b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f72342f-2874-53e3-a3a2-cb0deb857976", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80909771-6917-50c5-9239-820769bb0e93", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d45c9d8-0e45-545f-bb2a-00c2cb5ebe90", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cad57540-c41b-5319-a67d-0e6fd8910c6c", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4165e816-10de-53ad-bd8c-48b3600e5272", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-jdbc 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cf48357-a565-59ca-97d8-91425325d8fe", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:337e6636-d878-5645-b30f-41e1c55a7bcf", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c29ae35d-c4dd-5f32-84b6-e8e993a9aaf9", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:301d5172-fac0-5f60-8b4b-96f9d58a518b", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22e4d37d-4685-5319-82d6-304e77500616", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:002f1958-cf84-51f9-ab6f-6587a5fd601f", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7c18562-7768-5d26-952b-2a651ca1955e", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90ff3b29-c335-5008-8d38-58f3321e8253", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:164d3c54-62e1-58b9-91d9-53450f1ad679", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6577d91-4c94-5d14-bdac-5ed7a295c267", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efb9f744-f4a0-5c88-bf26-4940348c3475", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:313b93b4-33d4-52c6-9c2c-038457a092e7", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:275173b8-a509-5d82-9b4d-b871f3d323df", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25293802-ef05-5a03-b99e-79c15fde0eb0", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c0d21b1-5d53-5f68-aed8-2eacc218b612", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e683ef2f-ff5c-523f-9585-001b22ead4ea", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f77589c4-2d0f-58e2-9e23-0b7b0cbdd08a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01995a09-87c3-54e5-9d06-705452743b9e", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9c47736-dc97-5bff-8339-c822022f219d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee154a54-65be-5a20-a65b-6fa26fc2da2b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2f8a542-20ac-5161-bb23-623bbd1cce61", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44b6e6ec-582a-57cc-a7f6-ea9da50f5e68", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7e98ff5-466e-5216-860d-57eb649f572d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fcb8ba7-3c18-5555-aee8-f7de019332eb", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e22c16a-d5f9-5f42-98b5-0f153ba1f9f6", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59cb5f5d-5662-5dc1-97ac-fc4b8686b15e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc34c41f-4a0f-56a3-8eee-f37bed21037b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.0.0.RELEASE-tuxcare.1" } ] }