{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d97bf920-491d-5abf-b6c3-e8b1b5cf94ad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.3.27.tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c2673bd-bed1-5057-8556-2cc096341ef0", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05a48326-36f7-53c9-9db9-aa4847f82c66", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9eea7e5-e3ef-57e8-9e84-0b05e3b34c47", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c8119bd-af70-53ee-826a-9b22ffd1d889", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb3a5c0d-511a-53b4-b107-b42903ff5496", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d79ee4c-918e-5bac-82d8-636baa35484b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fb110d2-f384-5166-b688-be90a6d8adf5", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d180e881-c085-5187-ba92-da1bed0d8b8f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9bdc32b-aff7-5ae1-b0af-77c439d2c5d8", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e11a7be3-ca26-5f4f-9cbf-745b74d7ed5a", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a54afb45-23a2-5afb-a66c-75c9f5048002", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74495921-0df3-56ee-a0a2-1c1fbf05a7ba", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-oxm 5.3.27.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d66284-7a21-544f-aa65-fa76fa1c72c4", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef20a903-2a82-5a68-9571-77550ec52e36", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40e2d2d6-273d-5b85-82d3-14d416fce1f2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c498ea9-b2de-5a58-9f6c-1b357e249fa8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f519f5c2-1f08-5fc6-8e36-ce3d30a97638", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27.tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.27.tuxcare.1" } ] }