{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:caded1ad-b1cb-5f68-8cb3-68c7003ea48d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba269d31-99ca-5c77-be63-4a4416c9536e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dfa0607-65a3-5460-8355-d9278e1c51f1", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba5640d8-ad4c-5728-9163-2d01dc5f618e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c3590fa-e4a5-504c-b243-de72f4cda2df", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a9bd333-d76e-5e36-b3bc-fc3e06a26908", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7213362-5563-56c2-b960-ef915f8057e5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8962408f-a1f3-5f8b-bce5-62478e2884e4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66c17038-fe60-5233-9dd7-bc8c1746347b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61057ae-3e1d-5ff3-99a2-21b9504a1a46", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d294ab34-738b-5e99-a6f2-319aa6c40d7c", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f073aa9e-c1ed-50fb-a39a-f538eae64072", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a2ec629-79d8-5930-9b9d-05a8b3c4e27e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:541a3fb8-c4ca-5e64-bae7-29f81a0caa3a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d2f8f3a-6337-5cdc-9108-12325aba92ed", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c6d9009-5dea-5c71-a909-be80a9b5e978", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee2dfbde-00d7-5d3a-8785-d559742b1a3f", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0aaeaaf1-0d41-53b6-998d-02b71c7c0850", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5773fb6c-679a-5aad-b1d8-6707334562ca", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2c2644d-5d02-5a82-b666-dabd35d7d626", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8f2ab3a-3d43-58e4-8112-8d446d6b746c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8668d577-b4b4-5c03-9a2e-cd1473f98526", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8c695d2-0824-50b1-b4e4-c853caefb144", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40dc64d6-5a85-5efc-ba61-275d63a3a5a6", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3aadf4e7-6680-59e2-9bf3-6125bea582c0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e18a99b-2588-5857-b7fa-794aa4235761", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@4.3.30.RELEASE-tuxcare.2" } ] }