{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:503300bd-5d64-5284-a257-7aaee0bb2e0c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.27.tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b320f847-4b13-5581-b640-b370910c92f6", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12b42e3a-332a-5d72-a664-3bb739dd21fa", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68023245-d02a-5bb4-a95d-2694f7f6f074", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0463020-add6-50ef-b180-7a683b63500c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe659784-c4d7-5143-8cbb-6a0298b57003", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddddad11-d058-5b7d-bd26-3c9a588b3ae9", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1d124dc-fb04-53c2-87b1-b11ed5c31003", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4004c6c-56c4-5854-9515-583be0ab47cf", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d868c4c8-2c41-5102-84e3-b42da9354f53", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b8845be-230c-51e0-b887-836bf1fdd7b5", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e605ebd1-25af-5c90-9ec7-985a4d629a1a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b7429ec-04e7-598c-9997-0c7b94ff89da", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jdbc 5.3.27.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9e1844f-05a3-5ec8-8a75-4362814fdabf", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79260670-e59a-5427-81cd-6f39d61b2082", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75706a14-55b1-5485-b831-c257d173aac6", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7465d5c7-3523-5a1a-9615-7ba40a5190d5", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bae26385-8bdb-5955-80f2-5a8552c71ca0", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27.tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.27.tuxcare.1" } ] }