{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7b98b57-ad6c-5fcb-b732-a7cafe909370", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.29-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bc640a86-c172-5d22-bd33-8fe8d1e920a6", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9025ec7b-181b-53ac-8cac-247c9a3a901b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3c9b86f-72f1-5bb9-8656-a87f1093cd98", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b85c1bc-21da-50c1-af90-a851ff50680d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdf2f12f-8b30-52f3-a21f-eed632c4953b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1eca336c-c60f-5939-9f58-7af39ae1e9ec", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf81f1f9-efb5-5854-aad7-3a00937ebd2d", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b80a0099-edc5-5e69-a10a-8122c17d9014", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ebae513-b6c9-5d10-9dcd-6f88ed8da34f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f73de51d-3577-56fd-83e8-d3e5d633324e", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54d2a58f-798e-56bb-bdfa-530f306b49f7", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96b0d077-5d7a-5cd4-afa7-1f8ddd070e79", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-orm 5.3.29-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:512c5500-554b-5cbf-a200-c4726ba08b81", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93270fd4-f5da-50a0-a664-cd69c9c14d41", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a09f5605-d31b-591a-8e77-b37fc5c534e8", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96e74891-1aad-50c6-9212-dd6fde53b4e9", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:721b2574-97fa-5d5e-9c65-daf86c3ddd6c", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.1" } ] }