{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9085cb6d-72dd-57ab-a750-746a8ad0d371", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "3.0.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a3b9c06b-802d-54c7-810a-4bc07646da9d", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78cecce9-6467-53c2-9de4-2bbee30e41b6", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2ed18d8-7d1d-5255-90ff-14dc797473f1", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb43a002-e92d-5e27-9712-edd3351335fa", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b619ec04-df4d-55da-9a43-b517e1641a44", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b9ef02b-2c06-5d3b-b78e-4bb74465d2b8", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc96381d-81cd-535b-97fe-055cfc613d87", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e1fabfe-833c-5b4f-8833-5d427cfa35ff", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11b73cc9-d639-5cb9-ac8a-6fef532e9c72", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5adb53c-e65f-5db3-a311-f4cdf42a19df", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15e72d89-99fa-55fb-a9b0-ede48199b800", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40c99aa5-e402-50c2-bcdf-3721ada4412d", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4ce88eb-8f6f-5aa9-8348-3f5da78597dc", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:575e5287-64c3-5174-a24b-bad8171f6d1e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb76719f-661d-590d-80fd-081a64b4af71", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8139f90d-831a-505c-ae35-509776c5db31", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:387a14b3-c3c8-51a9-bd92-76c8675a5c7f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73b87036-e6a3-546f-98ff-632060a7a970", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db91cdc6-78b8-5ecb-b501-957d82c2bab6", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5029a3f3-2466-515d-9357-d2d9524e0a11", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96bcf770-067b-5d39-81ad-8d4a10a31666", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9d496f2-f93c-565c-a591-07861d5b94cb", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cc96aff-5ae2-5b81-a3e1-3ad9224ab538", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6019596e-36da-57f8-828b-1574e8ca4612", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45097afd-238a-5a7c-bfc6-a4ce1842f7a5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:67086bdf-6827-5841-8efd-22421eb9a69a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87f23e8d-767a-5ffd-8938-0548a34648ea", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0877ca9-a8db-518b-8e64-736bc84deef3", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a7ac8c0-8659-5489-9683-176b7cf9903f", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6724f979-ada6-554b-8426-19c731e871b6", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd39f9fb-b8f3-52b6-ae8f-1a5a57eade0e", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88c25483-3565-555d-97cb-663f7c88f71f", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c54737f-b2db-5e41-a7b9-2e264d04f515", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad5a5a08-6633-56ed-9675-6293e9ab877d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47bccbfb-90b3-5bf4-9b89-4e72213de807", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7bc22064-f12b-573f-825a-122165ae2180", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f814d0c-c79d-566b-917a-0b6bd6dcefb3", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73e9c9f5-62f3-579e-b642-b086cd2e0d8f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cae98d0-6d58-5a1e-b48c-4c02c7ac85ac", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0ca7b72-4266-5e2a-93fe-000c4d52b85a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.3" } ] }