{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:80dd64a2-ba5f-50b4-b4ff-d8d79587d645", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e2144a2c-8fe9-5071-ba17-37b5a07098a4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ae1b8c5-30e9-5213-a8fb-7c660e52b474", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82813b1c-77d2-5e4b-89d1-f526ef1974ef", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:334b7c72-2456-52f7-9bb7-015b53634063", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a2eee22-4771-5acc-9d10-f7f5f495fb44", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da31d45b-7060-54e5-8d21-44803995f557", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75f1fe3d-1d75-5b09-9e8a-bb6948cc3353", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e7c4b31-8550-5763-81fe-4c9799b68feb", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a2a5247-dd9b-5799-b836-082730b16130", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc8e038a-5589-5378-9002-9791fe5602eb", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bce04a5-e94c-57ed-b46f-3925dac2cdec", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98950405-9b09-5880-808f-d3e961a9f505", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41b5f39e-a53b-53bf-9be3-ecffd1bc7020", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7c356bf-d1a3-5cbb-b51c-1e77fc61bb89", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d4ae117-b54d-5991-a47b-a8777d5221c2", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a075b061-eaa8-53a5-91e6-049cea06edeb", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7f3411b-42ec-5e23-b010-575a5fc4ae9b", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jdbc 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:431c7430-a980-5e88-b72e-caf8ee7744fb", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5951a149-5b78-5168-9c67-4de4694d010d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a01514e-c518-5310-a4eb-bf6cd9294f8c", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80e20c0d-2420-547d-9ecf-abd6603ff90d", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:609a07ed-522f-5303-866d-c6e585d33e5a", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9a4886a-c689-5541-8b76-2e9c99d685f9", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e85c422-4520-55f8-ba79-dfd585b6676d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04c2e4c4-c04f-5d94-b7e6-804e92a48864", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.1.5.RELEASE-tuxcare.1" } ] }