{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:afcc59f0-097d-5ff6-a1ce-e29652b9026b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:70c292b0-32a5-5f82-8b2e-f89a362d2b55", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9410fbb-2c74-5d47-83d5-99600119a50e", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d3fd1dd-ecde-51ad-8081-5791a2c35532", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5d16592-b62f-5d4b-aeb6-76e05b6933c4", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45d393f4-ccdb-5f7b-bd21-a068c14da137", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edb38c16-9829-5e7f-aff4-abb5c72ec014", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fb7b297-55ce-5a47-be94-99caa8bb2c9f", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5a5a9e9-9fea-59df-99da-defd81ff4c9d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15bb7c21-14fb-5c3c-8630-b369f183ee53", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd619f5e-60e4-5f00-9246-39eee3978640", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca5dc836-7980-5563-b4c0-83221426a349", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55cc7e7e-bd68-51f4-93a4-e967f1a4fd62", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:676445aa-08db-558c-a852-769d1c659c9d", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a855c00b-7619-5041-93f8-d0759217bce0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009b9b9f-4973-5670-93e5-7e100aa7bc61", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73796ee8-8988-5f63-8596-41d6c248232a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33b696db-966d-55fb-98e5-71a33ca00422", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8457a9dc-328f-5a2e-bfee-5ed0ab79f838", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f1f3ccf-a1a3-57b3-b73d-b401096cef6d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43c7d523-886a-56af-8b48-44e705432c43", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80b5b3ab-d2e8-5d6d-82f4-76f69db3491b", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33751335-6560-5770-a6be-479e503a4883", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8566469e-3005-5804-a812-83971dc3eda6", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.2" } ] }