{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9416441c-c847-5d16-acb2-307a34ce6aef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.37-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:690cd6bb-ce9a-530c-9eac-e280ffbe4630", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d8d4dd7-bd47-562a-b4e1-8ff0184879ce", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb6ee925-07fe-5782-9a71-e80fec40bd0c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cd9334f-6b46-5723-84ac-35145ffa98df", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e369bed-9fc8-5d41-bf1e-8700dceb0441", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:143ca498-cd28-5b16-ab82-faaf04ff2c4b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5700c3f-1a8a-5f08-9ee7-2cb2d508d253", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c6b25d8-fa6a-5a63-930b-4aba4f04f69b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f85a245-ef65-57bd-9ab0-651ad6412ee0", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7577d44a-c004-5059-b2d1-1d6379fa862f", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d86bfb54-9042-5088-9ce8-9a9ccce1eccc", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:156cc601-0fa4-5b17-9a9e-59f79673ff25", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbe3a3f5-54f0-5fef-bd81-b0be819ffe66", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.2 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.2" } ] }