{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f00f2b57-d7e1-589b-aa04-d10ed72d7c64", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42f3837d-064b-5aae-8dd6-a1ed5251f431", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e10c5a3-d4f0-5aee-ba48-b506b5b7c2eb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df93c535-a88e-5499-9537-16a796b121de", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac130ef4-62b2-57e2-9b73-2cf86c139014", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67386a36-c7a5-5af5-b31f-e3fb4aa912ef", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c8593ad-0156-59ae-b3d9-634f0feb33f2", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f5935d-2642-5ae7-baac-4a181bc81972", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:155deeb3-8a19-550a-af2f-4d58eb38b652", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27881364-cd81-5dd1-a698-30bec7dcc5cb", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d18f38c-1547-5e35-80b9-e58c75e90024", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8292664-19c1-573d-aaf9-dc95a279ff26", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00d466ff-76ec-5245-b651-7030cd24c286", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7276cc3-fb45-529b-b949-780f73afa9a1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bae4621-def9-57b9-9d25-dc000262157d", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95beae89-95a9-5c19-9f39-f96e527291ad", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ad5de09-70bd-52ba-b1b5-f221857f72f0", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f075f123-bfde-52d6-9d5e-81a3475ef21a", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3734f88-0653-5fac-9df8-191ef8cecde4", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d92d5555-68fb-530d-8a62-c5bd3de8b060", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da9fc5f6-2193-5ea4-8122-9f2095cafed6", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1c4c434-dea6-570e-83dd-6dcf39f41f2c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6acf81a2-1f77-5943-80be-d86cdf4e4834", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70c7cafa-badf-5af2-9acf-c8eaac4335a2", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77d8202b-3d3f-5a54-b303-4761f6a8bf90", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ba72137-d31d-57f2-bc34-dd08366b7c2c", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93a5e022-3a2b-550e-bfd5-8699e60dcf82", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2f6ff56-5f8e-59a6-9385-e03641b8702e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fafed35a-7a74-55c8-9135-343fd0d0d372", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:083f461e-4301-52a6-b081-91ef605aa33b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.1" } ] }