{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:feb9342f-bff8-527b-97f5-6d6b52c42f06", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "6.0.16-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b1823326-5d30-5048-9052-40e3367950c0", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d567b9e-82ac-5612-a945-2f05637344e2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bedc0a5a-403f-5dba-ba9d-31451d1dd038", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:770bbe38-a161-55f4-8933-6eaaa051d726", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d69a4303-75c1-5959-b107-0e52bec004ce", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:054c6695-a8cc-5b53-a1bf-20b2707857ad", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f96a0c36-fdc1-5a21-9b95-209c3aca5327", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61db99b0-ed26-5ff3-999b-eac873a6d87f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03ab04f6-695f-50a7-aaf0-550f2a81dbf5", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca2e6cce-d5a8-52bf-a0e1-1a94a8f313cf", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bb78a12-dce0-5183-b2c4-a6859efa3091", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a559182-45b9-57ce-88a3-5be0590d90f7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69c7dcd1-721e-59d8-96a2-8f17642b09f4", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a36f4d4e-5b3d-5699-a27f-5fc4127e6a44", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.1 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.0.16-tuxcare.1" } ] }