{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6d2739db-a750-5aa1-bb4d-fe61a3fd185e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:53def890-0e0b-5877-8fb3-a0e61f21de3d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:940f8176-0f79-5de8-8118-7686a90dbfc8", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dca5bae9-7ccd-52aa-a6a8-6a264f0849df", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4d94596-a4dd-5c80-8f7d-ce3f002c1d98", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ac07d90-0597-59f0-a766-f6e0230bd7de", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14dbb2a3-d454-5005-bcef-858df6b63ebe", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dce9a473-574a-58bf-be3b-2ebf3d1e5786", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4f5beee-1859-5d9e-88fc-a73ff48135c5", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfa9c11e-8abc-5782-bd4e-b4cc8698d5e5", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eeaa5b14-7154-5b12-83b2-a35df6a8a494", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a51b45bd-9de4-587a-b910-490da179d5ed", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b755563-734a-5d7d-a077-e8c718637a05", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:943c6230-4610-5a8d-8b98-d0aab9c734ae", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ca03d30-5dea-5702-b324-9900b7fb1a2c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:040e2522-413b-580f-b82b-93b5ec453491", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1054cf2c-5248-5ca7-9692-0308ac2fa4ce", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c23cc81-b65f-509a-a1e5-5e76f8b4b4f4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4da6b543-015f-5ebc-a989-42fad1ec9227", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6afb8ac-188e-578d-8fad-9c9255e872c5", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jdbc 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75e22b7d-2cab-5709-a1d2-8ae765bd1f66", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5462486a-9043-577b-a766-76d0ed33209f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb6519e3-c7ff-5006-ac15-a6b49c64c1fa", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:926829fb-9151-5496-b745-12291fd8d674", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49108ec0-4653-5408-b133-430487326139", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jdbc 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3ba2d1f-469b-5077-9638-5a93fb2313b1", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.0.RELEASE-tuxcare.2" } ] }