{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:795f7cab-6be1-5603-9c8b-ed95a79a6d7e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:07df6000-065c-511d-bad4-a45b8bd63f3e", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d495c312-9898-5947-a1cf-6542775d0f47", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fb98731-180b-5f5b-a731-7cb43f3404a2", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45114762-ac94-53b5-9712-6eb8599ecdad", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ba0019f-9cca-5b68-85eb-b6802208a987", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:126cbe86-7534-5d80-98ae-ed245b96ac4d", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24831f7e-c69d-5ba3-b520-8046ee702f20", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19c53bcd-b2dc-57c0-ad04-4bd564e8c356", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb2441a5-a085-5658-9fcc-523850cb37a4", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b9be1c0-e3cb-5953-ad60-9e0483e0fa27", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0645dde4-2ea1-5c9d-be25-6c7bdd28e214", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af1e720b-8d59-5a65-b6a5-92f9e4b3c9b3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:daebdbdf-33b9-50f9-8ade-34e52a31d44e", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0638d272-baa1-53a5-ada9-0a18fd8e4214", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05f74cff-0204-5681-93ad-ed63d80a00a4", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:354de626-f35c-57b5-aced-647b293cdeca", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-orm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d614f9c7-c316-5a4e-972b-75fb5df97be3", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-orm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76c26078-8fd7-517d-b6e2-673b7ab61a37", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-orm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2120b13b-35ad-5030-b472-08e860f8f5b3", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69ed5a41-05d0-5a16-be14-0beec11f4d6a", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f887d1a-a8a2-5939-a0b6-04686621f8e8", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5009b889-29af-5889-a46b-a19c9d103f03", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af72157f-033c-5844-ab17-83359e947655", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:894b49ba-fb54-5448-8d9d-bfa43e2e37e0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7027292-64b0-536d-8a8d-400e828ec5c0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8027f450-cab7-5f21-a70c-5b561cef38cb", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b125664-1d76-5490-885b-875611e367dc", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a64d0d41-d05a-5e94-a371-026bf7a01dad", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d59bfabb-e6b8-54ed-ab60-4d80679a7db5", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e9da32f-522a-55b1-90df-e768d14a1121", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e604c00-ba3b-5882-bb79-775d6953d615", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:186d2fad-3504-5d80-98fd-c24ff321bcde", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39ca824a-7f4a-5c88-b660-09f4d2628090", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19d50086-6f8c-51c5-be58-daaccd75a807", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:730b985d-dc73-5ee4-9f71-e15e2c0f356f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c7c2c13-4b87-5bd9-8205-3e017e49cb9f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b43fc4d-5085-57bc-bc2f-a3ab4ca25f2b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c268183-01fc-51f7-8233-bec13d53d70b", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2f01f24-5491-5313-a692-0bfbccbe5fbd", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69161549-40ca-57cc-a54f-e7fb50bf5981", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-orm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:839ddf18-0828-5c9b-9c4d-bb1138b31f43", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e502f79-8847-5277-b034-8afddcb61edb", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.1.1.RELEASE-tuxcare.1" } ] }