{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7dee553-2921-5483-944e-62211b4d5988", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.2.13.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2b735c24-0178-5136-a025-fab03c1869d4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcf00f77-9d0f-551a-8ce0-21e13919f0f0", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd3c4fba-c661-590f-99aa-0f698ba44dd3", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c9b88ca-2f2d-5375-82f1-b106ba33ce68", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0f5d9c0-543a-5041-beeb-b7290e7e56bd", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff22eca7-1aed-5ac9-9b03-897ab87fc0d6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94dae0bf-bdcc-5a19-8803-12709c831c59", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:350ce1d4-8e14-515d-98a1-4de1467ae702", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:447a924c-0ee1-5ebb-a21b-f59d7e230416", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3524f7fc-3813-5f12-a262-d1af9cd0fde2", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:285cf7b7-549a-5ed7-a1a4-5bc4a65f1fbc", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9bebe9d-abe0-56d3-9edd-91bed08e2992", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:001362b8-eb21-56f5-8ef2-f946d47fe2af", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e36e43e-a2ee-5999-b876-ad345c46a70e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd11d774-cc8e-574f-873c-f13058ba9852", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf5b2437-242e-5e40-8742-cabab48122fe", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c92b8c2b-be7f-528a-bd05-5fc6198a581a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fccbe141-0dab-50bb-82a3-2c72d371a08f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c3c9eb2-65ad-5752-8a46-b17210f5fb75", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2edaa066-7cbd-5726-af92-3d5e8982db17", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a28c41f2-ab1b-5b14-9094-d19a7de9df39", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60c68b19-f1ac-57dc-b890-6ee360f9dbc6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a420fa86-b19a-5825-a5ce-57ed9b6dc6e7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.13.RELEASE-tuxcare.3" } ] }