{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bde36460-9a59-5ed7-b81b-b004ac33b95e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0996da68-6989-5944-bc62-6718dbb2ffc7", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f426fd9-bda8-5527-bfc9-5331e6be16f7", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42fc836a-9340-539d-b3d8-e705b44f17b5", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:855fe6dc-54fc-55e7-be33-ff27fbc753e4", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41419e61-d313-503e-be9b-9de37f0f953b", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b3be710-916c-5623-8e4f-106bf1979812", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1d6f925-3a17-50cb-94de-a2b009fcde19", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7915010a-4a26-50e4-90b4-1795e89bf292", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b39dbf7-6b5d-5bc0-be92-58fc5546bafb", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c1ae959-9bd6-5528-9217-c2363ce991db", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e337c71c-a16f-53d7-95d1-ffec80f592a7", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b66140f-66b3-5e06-850c-2387ae9df3b9", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af85f3ea-cc77-5569-b161-bf6d1a82bbfc", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-oxm 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54edcd09-abc2-5632-b8ed-69034d2c931c", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad432fa0-64e5-5ea6-af6c-4c1fbc85f507", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:236437dc-a375-5c7f-85db-0839c8b6adf4", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e59994e7-91f0-5584-adc9-0be77faef04a", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8d1d58b-1d4b-5e61-99c4-8704fdf0d5be", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:400be2d7-a210-5b6f-b3b8-70af8b513fa1", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a51ca5eb-c5a9-5b0f-97bd-fd952d1ca62d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61db1bce-813f-5469-9fce-295576c9d5f0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a141fd1-a8f4-57ff-a0bf-76470f0f0e9c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:094711b6-e481-5ec7-80fc-94b121f7c9f7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21b6c4ad-fe02-5455-bda5-3d790fff4d28", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac97ab15-5c08-5371-8bc4-018eeb6df92b", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:457b0b18-92ef-5709-bee7-4ed7ee98c2fe", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb675e3b-6d33-5d2f-8a4f-cd8ab9982bea", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feab101a-daed-5c9b-a4dc-d3d201f58077", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32b9e7b2-890d-5f00-9912-429ea38d6a9e", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b7a567e-b133-52db-b62a-07585a00fcd5", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11f8559e-b48f-53cf-a379-b32be3361d04", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db94a421-e305-505b-b20c-46732415bba2", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21944afb-462a-51b6-a559-4b2aa1f82adc", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7961af50-ee8d-53d4-9eb6-658ee9204bf0", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c59d704-6dae-51e3-aacf-565035ea7f1b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f17909f-ea69-5c72-92cf-ae2960980846", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c30161cd-d5ea-502b-a6de-d353938dbb6f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5a1d6a4-6d32-567d-96a6-6ae47b149cca", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b9f6c47-4f27-5d43-aca6-154d810e8c12", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9417925-7ff4-5e7d-a248-d8abf9426c3f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.1" } ] }