{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:25453680-5bbf-59d1-89fc-1195891e9f6b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.31-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:abb663b4-349a-5eab-a914-949c95b179d1", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61efa4b3-a3d6-5d3d-85cc-3c54f485de9a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fbe8dc0-9926-5cb2-91d0-ec86c8d02dcd", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f73469df-a7bb-55f3-ab3d-6f7b1af6535d", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b2b8705-c064-5799-a461-082b03cca5ad", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b53418b0-89c2-54dc-b0fc-0bb83878866e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13f753c4-533a-571f-8e49-8e0a469b7961", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:442606f1-32f0-5494-8e12-4bd3d1b2f767", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5365bd16-92bf-578d-95a5-ddb27f1338ce", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0030ba87-467d-592f-a531-a38a3a8fc602", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3597794-1367-526a-adba-b6c9a8c988b5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a7a6fd2-67f3-51f1-bfab-951e3da7d92f", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-orm 5.3.31-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:704e6ce1-1115-532a-a406-98f3e8ca5d43", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7948710-bfbe-5e1c-8eb4-f1bba1961c79", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81eb0d0d-c0bf-52e3-a343-e9946704b57d", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6412c88d-487f-5a0f-baed-30eb6718d8b1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a3bb903-fdac-5134-8c01-76cae57c6326", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.31-tuxcare.2" } ] }