{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7de319a7-b035-57d1-9ee2-703b3fc2f937", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c22f776-c01d-5eb8-b732-4ed75d170698", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a105c2d3-44c1-5a27-8932-3b34f7afdd9b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b167ef1f-2452-56a8-9e42-facaef93fc4a", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0e73cf3-4b2e-5284-888e-1890903a3825", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5f6fef2-4a09-511d-abf0-558fd41ed728", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f5b38e6-31c1-54bd-a4f8-5e484fa2f41d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac418cc6-c8e1-585e-9502-561b21b1568d", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b718160e-d74f-5704-9d3e-db03388d71e6", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c1484d3-a1e1-55e4-8d07-311ddd94359a", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4805d82a-528d-5902-9dde-14bccf12e904", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4f54683-f625-5f19-9ef7-b100d4233025", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21e5318f-6ae8-5ff3-ab72-d7ed2cfd11fd", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:700c5306-41c3-5aa8-b17d-1ff4049ff1e4", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e91206fe-3ec8-5968-8ebd-04a533091d1f", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4192654e-babf-521f-b180-c75890977c51", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ac09ccb-d6bd-5fde-a774-317000761e01", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d53db7c0-6af7-55c0-935a-ba20200fb34c", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ab1bba8-dc0f-55c0-b985-a8bea1ebb53e", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a666b93d-4ceb-5a6b-8b5b-19040461f72f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28fe838b-cd7e-59f6-8b6b-42eb3eb78fe4", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27441819-3682-5419-9ce2-b31c9bbf70b0", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2b03a81-74bb-5339-bb38-019379edfa88", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c40b1020-2d57-521b-9b19-dafe9b5eb5ac", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7307ef0-9c52-510b-83c8-43f0ed7339b2", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46c4f3b8-1252-5214-9131-cd03d4d8dfad", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:675ed7ff-91e3-5256-b22d-44026502dc0e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d0b1e26-e4f8-5ea9-bf86-3f7a0f74a53f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1954a15-b52b-5b14-b576-f48681e83057", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bac2eba-20a3-5d03-83d2-dff96c9dfd0f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.1" } ] }