{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a83b9f5-70c8-5148-8e08-e209e88238fe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d7920792-4a9a-577a-b1ea-b5027521874d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24ba62f3-b528-5679-bedc-d95a0cd6e2e4", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23f023f0-90d8-59d1-9fea-e1910996f630", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa6bc0b8-c829-5e28-b3a1-0bca70ae7ddb", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5211d34e-632a-53f9-a991-ce8042ee780c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5332a2ad-6a74-5b18-8cbb-c476ab39cb3b", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f56364b0-3b72-5f02-a679-4b9fdf67f3aa", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c665bd0-7983-5c02-a8a8-99c66a86b255", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a27b25d-8822-52ac-89cd-7f0f8b464124", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:519c6e35-1e23-5961-944e-459cc5bd0a7c", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7040554-19e1-5958-b08c-608591eedce8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:762c8072-750e-556d-be82-12435d874eb8", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f1b87fb-ce55-5a78-8c55-4ee1d69cd7d8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:face5a0b-266a-5ccb-a5d7-9068d0f25654", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dfe7e0f-ecdf-5923-8d04-e9b0b62024c1", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70b440cc-fe58-599e-aaed-c6851942aa9f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0c0825d-f3d4-53c6-97b1-5fc1dd400073", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f1e2b44-ae50-57fd-941b-3d1bfafc3fa1", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52249c7b-187c-58e4-a38d-3d2d95b9bc98", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c83b2a46-c486-5338-ad1b-1845f1e9aff4", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc71cfb0-3f90-5835-83b0-912eef71ad29", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52351327-bf1b-559c-83ad-089a4a6097bc", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-oxm 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca810488-fed9-590e-af60-c99521a4e75b", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7ac808d-f8a0-5bc8-aa76-2464d689646c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fa0c25d-fd2a-51ec-bd73-bf288bf73dfb", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01b8e692-9fbe-5224-82db-8be7015201d8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b296d8a-44cd-5e2c-af59-885645d8f516", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.7-tuxcare.2" } ] }