{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:002448b2-d584-5ddc-ae75-a40da087f579", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:93674fbd-d72d-51bf-8d95-f59f44cb1f42", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff5a0eb7-e63d-5d85-9828-6c1eb5886ef8", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ddf727d-0267-5b85-bb74-db3673bb6bc7", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4795c686-dea2-5530-ab9f-4492e2a1c120", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4180aae-4407-56aa-9fb8-9dfb272f5435", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8efb6ab5-6042-5562-b1cd-e850150713c0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d1d864e-8668-590e-b24e-f4f2a044beb9", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e19116a1-d9f7-58ca-8126-17d9581e6f02", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:847d887b-7f4b-5f4d-9108-2dae3ecd598d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:953d357d-79d6-5993-82aa-5727b509c046", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e223e558-6a38-5024-9c15-8e8fc54e5a3c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c08dfed9-7506-5f70-a0e5-5bf69745e17a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:407ad042-9a32-5251-b1e1-43df4f25c517", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cffde7f3-d313-59b3-b73d-cd838aadf79f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87faec0c-cf5f-5b5b-97e8-05891b0c0332", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:333f30aa-f229-5eaa-9875-41f35b86bf24", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81080332-8211-5183-aa8f-7e4e854e19f4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bef24c9-b6c6-5faf-a810-9bf333ac239b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08e18214-1792-5ef0-ac28-ce32b3fd7c5e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:425963ff-daf0-5b9b-a4d5-e3c57286449e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd11fe5f-359d-520d-83df-3756252325bc", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ba25f59-8254-56b5-abc2-7dcd073f86a3", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6efb0359-4b97-5330-b894-6c1388b61ee0", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6156fe5-31da-5df1-b433-7e7b57ee682d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e52dc238-52a5-546c-a817-13cb6b3ac451", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.1" } ] }