{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cd8ada88-2259-5f03-97a1-17f6b3237865", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.27-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e3b28881-698e-5dc9-9346-611b9dbfe5aa", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ab52161-c9a1-5317-97ed-171df48e99b2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34c030c4-188c-5eeb-9845-6ff986d0538b", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36209041-7aa0-5afc-b1ff-6ae1b5b69111", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e85b7c83-9657-53ee-9cb5-f16308b1458d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f75eea83-c06f-56d5-8ad3-cc3c8dcb9894", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0da1941e-031b-5d7e-bc63-2bf651733ae4", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9253e808-37b9-50af-bec3-014f15f785fe", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00057f6b-10fa-5f3e-b0b6-f8f7b0c80bf6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56f08111-ee67-5cc0-aab0-3e31e3a54997", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:062a4501-734d-522c-a5f3-dcd2a1e45aa5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc17a561-e734-545a-b60a-ab25db26ec9f", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-orm 5.3.27-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfe2b3f0-6465-5602-a1b5-a4990eec5db5", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61e866a8-f3ee-5ea1-96fb-76f645f3a03c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:319e37d4-b4e7-5697-8692-6223980c4f64", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c9d3955-ea9f-5241-a049-02eed45c8c65", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8e7629a-e77c-5523-a964-613c6be8604c", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.2" } ] }