{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:56045915-27d5-5fed-b8db-b736f5c1b350", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.31-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9dbc55b2-b9f1-518c-882f-c09e14688563", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:159f0cf2-b104-5a5e-9195-216aa2b5a66c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28db4658-7857-535e-a130-b0c8cfbc2a02", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89993ac5-4d89-50fb-b36a-e4f51b73a646", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47c02c0e-1881-576e-a071-4bb9b32990fd", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c8996aa-d465-51c4-8241-f9912a6aecad", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9da6b90e-7309-5c66-b638-764cd9e5c0de", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d64b155e-f9a2-59e2-93c7-1dd8630c6b78", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c2495d6-ec22-598c-ac66-350536455188", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2057c6a3-7518-5e64-aa44-a77cc3f2c5c2", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6686e04-3d8c-5805-a9ab-4d5e0a6ee01c", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6eccb99b-6ad6-5200-8895-ea7378f2a4c0", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jdbc 5.3.31-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d53f743e-9873-53c9-be84-439ffbc2c68c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abb02c6d-b369-5300-ac54-896e2bb9cdff", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4578e81a-2981-51f4-91a2-a5535eac5315", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56df91a6-7716-5a00-9bf3-3636860a1bf9", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b241b165-0959-558a-ac03-bba6bcd55133", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ed10f01-4492-526f-bdb0-0345207ad855", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7137394d-ff1a-5e3a-a72a-e4091e745c3d", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7bbdc84-cc92-5cbf-a5f6-624fa8504baa", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.3" } ] }