{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a443e59f-a9c2-5159-a41e-be0575ab3fcd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c5be1514-a5bb-5631-856b-6067931ce82c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6c23876-d03a-54ea-afa7-99bf30752151", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed80613e-1b78-5086-aa61-26841a0313b4", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24a4ebe8-a0f2-5a5a-9a36-0c80d659f2bc", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf44eba7-91fd-53d2-aeba-5e0bc6e574ac", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5314344-4747-5462-ae67-ab6056f8fc2d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37b97b56-760d-5067-822a-16fed13511d4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa28886a-91d6-575f-b7cc-2b7e9e915a20", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:625904fd-688d-5c40-8896-f306cc899bef", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90412d35-1002-58b0-befb-a5e732497df3", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cdae117-03e0-50e9-945d-59b2105ff705", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f665862-17a4-5f37-99c8-31af776dfbc9", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bacaa91-5a6e-5330-82af-0abbdd58edd9", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca240c6-7faf-5176-87a3-1f98a7be929b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1f180cc-5497-5214-b0c8-c7dde742f11e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64f611a4-2a37-57dd-8d6a-aa90d511ae36", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4445309-fec3-5f2a-8905-fb3fbdb9a870", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03081030-341b-5926-b175-dc07f567263b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:135722d6-703c-53f4-bf89-2740d459e43e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7ce7a07-0cc7-558e-b1bc-50381e6d3750", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3d38ab1-304b-5feb-a34e-c5884426773e", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d61ff008-39e6-560c-a97f-487ca8e949c3", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf02d06e-b1b0-50d4-acfe-0d4381862b07", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7abb1f98-4435-5d19-9624-8661360ffb43", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4efdd9f6-8869-5970-ada5-e1a069e4a18c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.3.30.RELEASE-tuxcare.2" } ] }