{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5ab00903-11f8-50a8-b061-e4273ef35cf3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "6.1.20-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7345154b-5c2c-5cfa-9ed7-2007e721a0ce", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2285be04-5e6d-5574-9e17-2b99b1aed460", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abd7fe5a-5a94-5941-9454-f6a70c81af8b", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec1dc28e-d042-5928-95de-fd2e4029fc83", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e5250af-4c4d-5385-9395-7f825e350eaa", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9030e48d-a7f6-5a1f-96c1-bf15350439de", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50afbfb7-7df9-5303-936f-9d4dda3eff17", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2173c0e2-70bd-5e5b-bddd-6873311c0e31", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a920cd2-5cd5-581a-a353-95058d5f8917", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0a2a704-49c7-53df-a616-3ba337bf2741", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@6.1.20-tuxcare.3" } ] }