{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cd3d7e4a-b67a-54eb-91a3-be443ca53986", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e3a13721-6e80-59d4-a257-1b172ce33b0b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e91a7f6-19d4-5023-a24a-5adaebef6f5d", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b9485b4-6c8c-5aa6-8396-939aac4d2a03", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9114dc56-dc2c-5925-9a5c-c62f81b97770", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad8f8513-7f1f-5e23-8268-f63ae3aa2f87", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:753df736-8029-52ae-ba32-dc0e8a983ff1", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b8ccba4-578a-5ae0-9831-71660b6b7cff", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b49a4f58-b5b1-5f51-aade-2f5278b13786", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:569a0e71-adc0-52ea-aa0f-585d93a66a6c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae73b353-54e6-5fa5-a2f8-a9f5127c17e5", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a6e047b-4a84-5c33-9aae-a64d4b5fd6e2", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e40c8fa-a867-5096-ad40-63435c6af7c9", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1766c44-02a9-5d23-bea3-8d243808460e", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef06215b-8cf6-5334-bc89-2849488c250b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfe0da8f-659c-539a-9df0-3d516d6e83e7", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d10dd2fc-afcc-5aae-a722-b94495ddacda", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72374de8-f62d-5400-8f64-643882567739", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6c3128b-b579-5875-8821-6c9943944691", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fcbed9e-7836-5dc2-b1cb-d590f3025522", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc2dcbeb-01ab-53d7-afa5-3ed64d3ca578", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83041042-57cb-5d7c-8636-fed27b6654b3", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36173834-ceb1-5209-b6fb-5c4aa1d01db3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81a99450-1447-5fbf-80fb-7cacf0fc89b2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.2.13.RELEASE-tuxcare.2" } ] }