{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dac9decd-9c32-56c2-a283-ff332367d684", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ef043220-b861-5bee-adbc-7168bbc48d6c", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ab1a12a-b4e8-5a9f-ae7c-ef67bacb22d8", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e73e1c7-eb25-5433-b19a-63265f444831", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c756b31-fff2-5c19-93c3-c11cb4178db1", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c021e939-9a80-51d7-ac08-7501d4ae8f81", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33440517-4c31-5300-a09b-5489eda7e879", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a98636d-2f99-50a6-8f77-b67561a0d389", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73ef7657-2c3d-5f11-9ec8-b0cb9013cea2", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26a20faa-6368-5083-9940-1a934fda3236", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00dd21b4-784b-58de-b185-a8cb7bd7c57b", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c62c288-6cdc-50f0-a188-8b5605f13a5a", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65602a9f-dd77-5137-bfeb-8de2fc2ab52b", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19d0b466-5ada-5eaf-8e41-4fca26f84370", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6caf4766-7184-52a1-8497-e3a2d18384c4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8060e55a-8e33-5c54-beab-1c6b41ea9c50", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95f814cb-1403-56d1-9e5b-fcfba94cec0b", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d50c38c-bcf9-5766-84cd-b8005c74e70f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d79e53a3-774e-5e6c-b13f-b4490d698e80", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcf3b332-762a-5105-90d4-93f257c09f02", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05d749f0-50f2-544d-9f71-9a8e990e38e9", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7007043c-fe3b-5517-8447-e42a458f0a02", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80a431aa-cc5f-5f98-92e7-d29b666585e0", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41dc76f9-2e31-5d7b-bd6a-237cb4c7e32a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8436771-4231-5541-be63-a43cb4e8b4ee", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee2ec54c-ee2c-5c89-8113-2244dabb231f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:777aaefe-271d-5178-b433-cfbccf8e4635", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a58d2f54-9478-5f7e-aec3-740b885be288", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7463549b-f60a-5c78-8e5d-149c9fadb546", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e786521-dd98-572e-9aab-70b475e1835d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a26c2c4-bbf6-5c3f-b2c8-76ce6bdd8271", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8cca8f1-cbd7-5245-b135-485f8c0d66eb", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f69de6b-544a-5f32-9d74-c202b857b555", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e43d5f2-eb99-5305-8b10-748a663b1314", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5ae9a70-492b-5dce-8a4c-a5dcfe74bc4f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51306025-6377-5a54-9a14-f00cd654af3b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a2eaa07-6bfb-5984-9523-5ce42f13f218", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7e0e8f6-5feb-5bc3-9db0-9cdc1c357aac", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a99148ab-7e91-5585-b856-8c2719823008", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72c990c2-3d2d-5a4f-b800-b7e87fbb9485", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51b06fd0-09fb-583e-99b3-8311f355f1ca", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.2" } ] }