{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:406519f6-390e-5476-905a-2e1b1118cc1e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.27.tuxcare.1", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e3bea214-7d46-55f0-ba33-890ac05da2ed", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0ae42ca-c724-55e0-ae20-b6317befc02b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09c9160d-e3a1-5f6a-b3b2-70a4927ca480", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bea0af8e-d399-576b-b2ed-4893f6ab42b1", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efce5c7d-a01b-559a-a551-4d1fa8feb7bf", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b967f25-68e6-5fa8-a528-31a1cb3cf22c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a53f950d-d410-5116-9e1f-c7c3cc02fd85", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ec232bf-9de4-5aee-ab37-bc6d2665addf", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b60ac568-eb7b-517b-985e-16a842d13601", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2aa8b6a-c9f8-5dca-aaf8-878ddbb937e6", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e4e0f06-8c09-592f-ad43-7b2db4d60c1e", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:779d605a-6284-52ac-a204-cf07ca824344", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-r2dbc 5.3.27.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cccf0a27-f415-5b91-9406-0d0609176645", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0851a9e1-bd78-5403-bf45-8ea59212792c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1da7c09a-de51-5cc2-931b-f7bf9c42880d", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8e87ce7-9261-5924-bc36-4aed872b48e6", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94258284-a33e-508d-96be-4e1ee2ee83af", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27.tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.27.tuxcare.1" } ] }