{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:55e74b3a-537d-5130-88ab-3bb417d9224a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "3.0.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a9b2bc42-e102-57f5-9f7d-86c6165d8ce2", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f62552b-5599-5190-9e5d-554f8bc3062c", "id": "CVE-2011-2894", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2894 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a343c70f-3aa0-5211-a49c-ab0e5fb1a2f6", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2d87ab7-2ff2-5cb9-ae5f-4c9cfdde457c", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fa254f9-9667-5e3f-9a6c-66d0a86c3e90", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:945a581a-c43e-5f1a-aff0-31339733f297", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43793577-8ba2-55d0-bb81-746fe248584c", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d1da921-45c1-534b-9aba-d9c3fa2e40df", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a383582-0b1c-558d-9454-d1d7df73d0c3", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d44044bd-bd89-5a10-982b-7ac5a0c227e9", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71d15faa-1ed7-566c-9e7f-acc9322f47f1", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f17f7df0-d32b-5889-b0cc-4a7f15c93782", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74f0a272-e346-50cb-8a5c-54aa4223e9dd", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d964291f-850c-520a-bea0-a6583a36456f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5ecb9a-1142-5c7e-bd36-d12654cad2ad", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d892a45f-54c5-519a-bd7e-2fcd4312d6ca", "id": "CVE-2016-9878", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-9878 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faa88a8d-658c-50cb-b77d-a8fc55308f14", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64c0d3a0-5aec-5943-9e1a-488c7311698c", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e996f1eb-6a18-5469-8056-19529e6d24d3", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad3e3429-6378-5aa9-b1f3-2f694d28a242", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81b306e9-8ecc-560f-b240-abfe15e02a8c", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad96c460-dc65-5fd6-a0b7-31e9d52d5580", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c35bf373-b19c-5909-b77d-2837dac94c16", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:316e3f3d-93c2-520c-8f1f-afb965e2a1c7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e6a3718-d169-5998-b929-41831a37b090", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52e69d0f-7d0c-5abb-9c0d-22b8265ca3b6", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:922d948b-a83b-5d12-9923-84ee4696c573", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b648623-a701-5e4f-b9d5-f83c02d63468", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c38a95d7-6bdc-59fa-934c-4238d3db0eb0", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb251357-6761-516b-be6c-45f85e0cc9e7", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9ae4e8e-d91c-5563-8f51-e87b06fa8801", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24e89543-bc7a-5795-838c-9e82f193bb9b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48343461-daf6-564a-becd-addc0b501d58", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1babbaab-4f2d-5a37-9b3a-a4ae11d00ce6", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d2f0975-a7a4-54f6-8fd6-181593386b7c", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e62fe010-f986-5a44-96f1-595d42a2962d", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ceb0c10-1e44-541a-9578-75606708e05e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47a8458f-93ba-5b6a-b459-0fa76ec84443", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52b51565-269a-5ef7-8e7e-380147148a63", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8b2d733-3b87-577c-b86f-ce4277eea11c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@3.0.5.RELEASE-tuxcare.1" } ] }