{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c7df422-5376-526c-8f48-7ee057fe5809", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cfdbc5d1-0ff6-5f67-89cb-4662b79a992c", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f55b3fc7-b20e-51a1-8a23-b47df4697c24", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94825d8f-ec76-54bc-a611-9e5df15a9d42", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa9854e1-d376-5604-9fbd-70441d6dec16", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd7650bf-7fab-52eb-81b5-d467a3d4607f", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c904cd9-c6cb-5f20-8c0c-c8a177198767", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e2da8d5-d592-5c3f-aec8-a37fcd4c5ad2", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dbd7246-d391-50a7-b361-15b1fd6cb632", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ecf5ec7-b16c-57f3-ae63-43c2b4933d45", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:408251db-e65f-57df-a85e-6fdc40e93337", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:972a1561-3a43-5589-aabf-94a57ebbc53f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c44f7886-82bc-5d77-ba41-f035e7721bc0", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1931c0c-4930-57c7-becf-b2150f689d62", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7313ee50-414d-57db-a327-f07071f88263", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa36c300-a23a-5892-9421-0c63a8f00d26", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:651b2aa8-253b-59f5-9ebd-fd6dfb1d3d0b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd9fce14-a049-5e62-a431-32b3432fac89", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1aa5c000-47a9-50aa-aaff-57cc8df382c7", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cc2a4b6-d52f-527b-9413-e9f484158876", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b27c32ce-fc98-5d62-835f-bd3be814885d", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eae9004e-2c0d-54d1-b8ab-b38b33c1f0dd", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81d8c83f-e6d7-51b6-9005-a577f0ed9d08", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:222eac71-6346-5380-9678-c139c0cdf6ea", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:826ca1ad-8e67-512f-bacd-86435060ccf0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7de26dad-8b74-5bfb-9730-10631770acbe", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b74390be-41a8-5186-81fe-86beb67c1404", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2381f572-e081-526c-94e4-9fa9f3050c58", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92dcd7f1-0b3c-5cea-8862-c9446223ef9c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41abb24a-a7ca-5d92-955f-5889a1d20713", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.1.7.RELEASE-tuxcare.2" } ] }