{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c2565ae-e05f-5e4d-9185-f78d473562d0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a5098a83-2b36-5665-b87a-5c1c49819657", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe58a1ba-26e1-5c23-b005-69201e05cdbc", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e774a443-7228-5fca-8f44-5ec457217beb", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe33d517-ab91-5b6c-8c40-e50d667a0386", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce6e1bb2-022f-5991-92a9-17cd4aa48e27", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f118271-0573-54ce-bdf4-4d2a41b84087", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db6ca10a-6f4d-5797-bf48-4c0daa10c48f", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fa03d8c-0bd4-5f79-9087-56992ce3d515", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ffc17af-fcd3-5d45-bddd-06fa773c2e8e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fe458e1-4d27-5c04-8682-85003442e3f0", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f70198b-2c42-5fa8-9f0a-849781a8e70f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e1f950b-d27a-5fb8-ab62-cdaa74468dda", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2599b4e9-d4f6-5d95-a334-ddba13a3c10b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2a9f094-1ca5-58da-92c9-107985c775f2", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3150fd7-7c42-5244-9736-237a227aeb99", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:434d9092-8315-5800-b069-2d027ecb49ca", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae657792-422e-508a-a44e-bbd3d582a5e6", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe32185e-81ff-5253-8ae0-e5fb66dbbe4c", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:338e537c-741f-543a-a236-6983411fccf3", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-oxm 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9856caaf-ab8d-5d78-b41a-32dc3fba97fc", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:589252fd-ef1b-54a2-bde8-64803ee71502", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:efa2a15d-3d2f-51ea-98d1-b55ee0e2fb9b", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb416e0f-985e-52f6-9650-385c0090fa70", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe45aad1-10ea-5dff-a57f-938ad8ee30a1", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-oxm 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:819ed718-70d2-5c8f-8ce5-9217be4c00f5", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2c009f2-2943-5fc2-9d68-d7b6c1fa506a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fef18fbf-c719-50a8-96e9-8fbd56c94b98", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fa9362e-4079-5c5a-8154-9049c4c06c8e", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:033806f6-b3f9-56a3-a947-7fee12de987c", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf0dc079-6dfb-55ea-b780-de05ef17addc", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e160f20-ca2d-54e7-b587-e3d9843243ad", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc5513dc-e97a-5cc7-8742-c795587a5a5a", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbab82a6-971d-5eb9-a517-59020cb9fabc", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1391829c-66e7-5c5b-b7cf-985735fb5944", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a4c1ee0-90ba-51b4-a065-c274056a23ca", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b38ecd3-a98f-595d-aa0e-08099fa6b6a0", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53083440-611b-5202-8a05-c1fd4de1df12", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fea00d4-036a-5591-be95-af09b9531a31", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5de52c22-c0c6-5c19-b433-0746b0e8a084", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d13aecb2-6497-5a04-95da-f3b657fdc3d0", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36760783-c5b4-5083-b3f8-51069c583230", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:529d2c91-f29e-5a4b-9c09-a3f575abc893", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52e532d1-6e64-501b-894d-93b57e79f8ef", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a52a5e8b-b1da-542d-9089-3b21cd1937f1", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff93e6f7-5086-536f-ae82-3a1d5c4e5676", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.2.0.RELEASE-tuxcare.3" } ] }