{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fe9f919-b96a-5643-a63e-95359fc5db7b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.37-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:55771fdf-4469-5c2b-9deb-e9c1cae00546", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8c0f5ce-9a7f-590a-a8ca-1b3defaf1397", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7d25f64-b396-55c3-b285-942482be45d5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76aa072f-865c-52b1-9fbb-baa6249c0a3c", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4aefb823-2f05-5522-a716-453a80e2b9a6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e95e155d-8e61-54dc-9c3b-c5d13d5a8c17", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34736764-f35a-5731-928c-911494688ac0", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abf54dc4-1bcd-5aa5-991f-a11275cfc78f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54c9a642-eaca-5ed4-aa7d-017076750e6b", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89038a68-15ee-591d-af97-1073eb5222d9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14bb9478-a7f2-5dd8-80b5-fac1166abdb6", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec6e7167-b573-5986-8a05-d80ba2973d79", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c225fe7-4f3a-5b27-a11b-be4ba36cc359", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.1" } ] }