{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e6646425-030a-5c1f-8822-efb73ee9ffd9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:71eca248-6ef5-596e-90ff-d49178f4f881", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:502b4541-9e66-5ce8-9cf0-abb743aab8f8", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c657818-8379-5f24-b012-ea2092108802", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bfb3bee-ca89-52bd-93c9-c64d483d1bcb", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d04c6107-01b0-5de9-9cf0-dc72adf046bc", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd017a94-910f-56c9-abcb-bd2fd8a62db4", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ee5cb89-a789-5f0c-bb0a-dd0e095da989", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b77281a7-0f6c-5244-bb10-72114582af6c", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:260ccb66-4824-5d6e-8f42-4f5ba5e36a4b", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5fca7f9-8fa1-529c-9219-1b7319be7d03", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:104cc74d-77d6-5619-abb1-98e2dc5c9622", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11770e73-6f25-5a15-878c-412ff53f1144", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f06f443-c013-5111-9f4f-db11d44deeae", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3785a01-a2b6-58ea-90a0-2df25213b3ee", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9b81b76-baee-561f-92e3-f5faacf6d21c", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55e33211-da3a-574d-baae-3b52d49d247c", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f03a438-8f03-5b19-ad31-4242aceb1abe", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8548d4f-a3f2-5ef9-8d74-5dbb548ee93e", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff32a87e-f29e-5147-8bb0-4d6abf8d41a7", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:856221d4-4f3f-5c45-9941-10ddcb9dffee", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36819f8f-d62a-5469-bf24-0046738abd89", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20c03e0f-edd6-51df-a16a-d681783f806d", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b8b8038-727b-596a-a50f-739772d106c8", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffaadf37-baa8-5f6e-8b3f-97fe4806cb13", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1496142-c30d-5f68-9b3f-0b96425ed9ae", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0dc2d0-77fb-57e5-9a86-6d3e01028b77", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:675ec2ba-74eb-5472-8e3f-724d16d2b1a9", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf306112-b0ec-5487-a7f6-c1ad12d64682", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60683681-d25d-5bcf-8b30-7b64653dfc75", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad7d4e5e-b476-5b18-aaf0-263ccb0c40e2", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be396e9d-9aed-5116-9968-161eebc936dc", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf56fcf0-bcea-5d08-b990-14cd2942fcf8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b8ab2c2-effe-5c09-b6d7-7d000f6fa3ad", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ef40682-44df-52bb-a098-226e6d4d8805", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1796ad6d-1962-576d-b217-4e7b847d5018", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:723a151c-b2a9-55ed-8e9d-a5f08cb55cce", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31fc8707-14c8-501a-ba5c-e07ace2e9017", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b2931bd-e210-58eb-807d-cf8b0e01a211", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90ba87ff-c610-5a24-b269-43f8dc0ecc03", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8afafc11-8aee-55db-9228-5718df268e39", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-oxm 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1796e07-f1f6-5bf0-adaf-0266c843cc0c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9841349b-716f-5d84-a642-b02124715118", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@3.1.1.RELEASE-tuxcare.1" } ] }