{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5b9b8c99-433b-5836-a3ed-eef872bb3a44", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f8641b7-f755-540a-9865-cb552afcc5ab", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0d0aca1-5fd8-5e24-a929-dbd11df624fe", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcec9b8b-6392-5a46-bee6-fc7e8e310c65", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0739a22c-409d-531f-9d9e-e52c4a15665a", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a801a614-fa23-5c12-a870-08d053b2ca37", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c607a6d-6e04-5d06-b2b6-d14a86477053", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c591a33-0bac-5af1-b474-97cc7d53e290", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a86ae148-cbec-5c38-9f26-f4d04d9e4600", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1457b2e9-9c39-54a9-8af6-61fa92877efa", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8573067e-055d-5d44-93a2-a32ea1e014d4", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23560d6f-a78e-5927-aa5f-3ba52918e9f0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67dadaad-b2a2-5b98-92e7-5ae12a5b95ef", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e52137f-f6f9-5495-bb34-aa7975ad829f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:242662dc-fb84-5ae5-9320-bfa8a9bd73ed", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ac3c04c-c54d-5f77-81c2-011f73640c3f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e78fa05-c3b3-5441-b9b5-af3322ed38e5", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7e01518-373a-5f97-a1ad-b7870db4259d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9ed59ef-954e-5562-91ba-3d278e03df4f", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17303411-7f95-5fc6-952e-6e57db224ddb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be5f2ede-bbb7-5414-9ed5-79e918057ae8", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:834f3401-b5c2-534d-8fe9-43ff5ca5461d", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b13e1f05-cf53-534e-9b3d-9a313cf8fdf9", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bed488d8-5c64-5453-9719-395f8b963836", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15430689-3875-5c93-ace0-15b0980e9959", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c799395-5258-5f0a-ac54-4c19c342c802", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c2b9cfe-6b14-5950-bab3-4a25c0eca14d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db81c046-b599-5d12-90b8-c46a0da40575", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9875785d-6aaa-5775-a920-147ea72f8347", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68c3e924-99a8-51cd-a3f4-374e7c46e5a0", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.1.7.RELEASE-tuxcare.1" } ] }