{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d94ebf8-0bab-5a5b-9a47-bd19deff27c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d29f8bb7-9ed7-51b9-a9d8-13d2f39fdf43", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b603b7c4-cfc5-5cde-8e35-8984432c9d77", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71c0c18e-8ee7-53d1-897f-46330152c086", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ca3b6cf-13be-57ea-a2f6-f19e25df19ed", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8447d3e4-26e9-5c67-a3ca-342f80226c20", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0b5dfac-3038-5bd6-a8aa-1116ffe9b0aa", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5b1c2c8-f1f5-5c9c-a386-c477045df741", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c8b56ad-5173-52aa-8742-dc30ea4cfa12", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62e4f9c9-b3fd-5837-956e-84ecd8fb37a0", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bc48bc4-0d38-5c71-a7cd-0e83fcdfd492", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28cd07b6-b112-5d71-ba85-e0731e1bfd99", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb62eb1d-e521-5acb-8d2d-af5567cabfb9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a602396-adde-5217-aac2-7d0f8b84dbf7", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2bb69e7-0793-5a1c-a665-8c243846b91f", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7a3c391-d330-5ec8-a2e7-c567d2a4b543", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30bd16b3-de3e-5113-8680-f028cac8a458", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45b2f4c6-7edf-5c50-bd5a-71f0ac858a03", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b45898c-ff2c-5785-8b71-ceb12f74b29e", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:156eb8d6-5147-5dac-bb52-1ae91b11cca9", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9d79deb-0206-558e-9eb2-e6fb53d428b8", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dfeb534-2bdb-5238-a573-7526f9bdd60f", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7eb93da-a296-5437-9b6e-ded6c5358169", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c637470-a70a-5b20-b7b9-6df430e330db", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e959caa3-9712-55e1-8872-a0c87562170a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:556e02c0-7821-5e7c-953f-6b267771f247", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d568a605-79c9-533d-ba9e-5317be102508", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c23d7085-bd4a-5ed4-990e-1faf9ab40264", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f035bc26-aae9-5dff-ba33-fea3949c4e93", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0580a300-f783-54c2-90b0-624095057740", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@4.1.7.RELEASE-tuxcare.2" } ] }