{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7771296e-5620-567c-b0f3-05328e98984b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.3.27-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d9ad032d-170a-52a7-9a28-69f9da415dbf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff262bc8-6f0c-5fb2-b5dd-277875f236f6", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62cddad1-6f00-5c5a-921e-4a0be1e3df4f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff5d8f71-777e-5147-931b-8090c675e704", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b5905ef-2c23-5e07-9976-9c7894ed3036", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d993fb52-448d-58e8-9981-7bad3a6009e5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0332f4c-82d9-5a48-9798-46884b831db0", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34756f10-0be0-5844-846e-2dbbc277fd7f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5523c7ce-4ea5-58c9-af2e-e7483b4136f1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96c70818-005a-52ad-b2b6-3827d2270700", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30e3dc87-eec2-5f68-a096-c9424bd8a5a0", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0cf72a7-a44f-5551-9e92-43368abe586c", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-oxm 5.3.27-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36624463-f169-583f-ba1c-dfbaaa4b0817", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2ff5a32-bdd5-50d6-8044-deff26857690", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b96f0053-680f-5d90-a036-2ad5e310ed40", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7741181c-06c2-52cd-8659-b2f18d1203a1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22563b8b-a0a0-5ca3-9fe0-7e7306361122", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27-tuxcare.3" } ] }