{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4189e37c-694e-5520-992e-1b74c62fd46c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6d4373cd-12f5-550a-af7b-f51c83705f9a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f586517-2ca6-5274-9997-44c8ed349144", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13b0b32a-e44b-5b24-a8d6-fc48405f9723", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed98a436-9ed8-5069-87e1-faedaafb6b9f", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce977753-6650-5775-afbb-bac5ccefbf35", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56bcfd1a-a9ec-5e7a-a8a8-47a956df676a", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e4d7205-9ffe-5b26-b3a4-0b7640f2ab77", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8674699-98d5-5c4b-b8ae-6a4b4ed4ab5f", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ec401a-c7c5-5a0f-b109-1444d6f219fd", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9fef048-483d-5505-82f8-490ff5ff955e", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d10f2ce7-046d-5d26-9500-85cc98d13a65", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e75a96b-c69f-5011-9099-c28ffe033fb1", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d60df2c-7236-53e0-a9e7-8d17ea5e4804", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca9e63c7-c22f-5059-a22c-a2cd2a5d6a53", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a576123a-0eb1-5161-b149-dc0499cc7561", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3d3afe2-fc79-573f-aa6e-9a018bf934b1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67cffdf1-3aa3-5b94-a5e6-eba1d319f635", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1820ab0b-ce54-5de7-878d-4da2d6306fbb", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ba8b61e-870d-56e7-b50d-c3e2ee0d9f49", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9808352-678f-56ed-b986-c428101ac598", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd8aa652-0916-530c-b40c-df93a66d3ccb", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:291d768b-1cf8-579a-aa97-976dd3291561", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0c2c727-5881-57ae-ae1b-b466212bf293", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:492b679c-ab1a-5ab0-bd7c-c5d32e2352c9", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0546aece-1320-50da-92c7-e3c30ea66c43", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6a7cb49-cd55-5c3f-9634-81de7c67c7a9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1ad1b8b-c031-5abb-9331-7745bc2e61a2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:066884b4-794c-5a31-8257-f885e585f5e2", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@4.2.9.RELEASE-tuxcare.2" } ] }