{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8e016fb6-c08b-54e9-94e4-47aa15b5de92", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:02f95547-009b-5f66-b7ef-119056b3475b", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36fb5c1a-ac02-5f5f-8684-7a753d2f321d", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:656fa964-6aed-5891-adfe-79aa04b3a235", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02c88a09-d248-544e-af9d-a5d4905fdb9c", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ffd9de0-9d72-5a5c-882e-c70b4a6dc217", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:817d3411-66af-5c25-9579-729ca4c3b688", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8c569e6-ec8e-5d02-ae48-1601c272ca10", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ebbcc4b-f8b1-51cd-9641-4aad4c2c2457", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f064b9f5-20e7-56a8-864d-0ed593f4a538", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78f91434-cb66-567e-b7de-87f5fb60cbd9", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9533d797-4499-52db-be77-5f36d18525fc", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d6a1790-e40a-54ee-a984-7d014f99423e", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd0f7c41-c3ad-50d9-b683-89068b0d223b", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-oxm 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1e92ac8-56ea-5620-be8d-93dbd28f6285", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94e4ff3f-832a-5450-afb3-0f44fdfc51a7", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ff4f0f8-19e8-55ca-8d65-46260aa26815", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b33905c0-74ff-5181-9366-0176b8b65cca", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33828b58-0ddb-52da-8f70-3994a9447451", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad206ab7-35b7-5e8b-9c15-1350c83b17ad", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c8e96d9-97f4-5bdd-adfa-d6587824074c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38fc6276-08ff-51ed-8a7e-f1d03cd96240", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:428e65ef-fb20-5337-8d04-9505b6b1da8b", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51ee6b77-97f4-5eab-abc3-f732eb93e26b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ea4aa8e-a9ae-523d-8d65-0376f923f3fe", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2fbba8b-e59b-5fcd-b7c1-40af696b05c0", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:506e2c86-0632-5567-86c6-0e4d22f8610f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ef5bda0-058c-5a45-b097-59ec29617251", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b2f0df4-0fa9-5fae-8d80-8d064df2673e", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1adc8e3-bd0d-5e1d-a2eb-a24d0f83441d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f495d5d-4f4c-5056-95d9-374c03052b8a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac750066-a987-5cba-86fc-2c4997231a9f", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd2a6b7b-be21-52c7-9e1f-efe5909fb3c0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab834c9c-0f25-5dc8-a0a7-29c219f812d2", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adb0a6f7-1bc0-5d55-b7fc-7104f5295ce4", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00613403-cf64-51cc-95cf-4a7ef523d7d4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e82a303-c213-50ab-9ecd-1bb123af09ac", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f895227-797b-5579-a817-0f29fd388143", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9937fa69-3f84-559a-9499-c0af4ed27cab", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2243bae-dd11-5515-be1b-000fcf7697a9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff7a186d-4082-5435-bdfa-4e9eb064b19b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.0.0.RELEASE-tuxcare.2" } ] }