{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:21a7009a-03d4-5ade-861b-6ad35173b75b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "6.0.16-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:df2f478a-5dca-5047-9221-a365d6cb6300", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f25d91ae-0d90-56d3-8005-8e4d140c03ee", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01f91253-39f8-51fe-9a93-34980d62fd76", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92658de2-882f-5f30-a6af-7836a4d45737", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93b98834-67bd-5c9f-805b-38c2ad5072c1", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2cd6d7c-b0a0-5353-9165-0d8506e70017", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a85bcaad-c5e5-5d09-b488-856ca6431337", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53cd3f84-c22a-52ef-a154-aee0d816170a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c72bf4ad-46f5-5fcb-b605-46a6f0cbbc3e", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b031e4ab-74d6-5f9a-9657-be21e8236f60", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbe5b7f8-0405-5d40-aff8-49ead2e97725", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d89a669e-d94e-540b-a277-ffa644fc89fc", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07c1052f-3043-5aac-87f0-ea3b948c6bfd", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4d5ae83-546e-556c-8de3-d8c87448531b", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@6.0.16-tuxcare.1" } ] }