{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bef3a567-8515-536f-84b6-d323a8828f6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.37-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:de07e97c-1a3d-5451-8ae0-96bfdfeb4c30", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77846189-1809-5938-b08a-6502cd3d1ca6", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebb29999-71ef-514e-9115-31178c9a3c69", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d65da002-195c-539a-8663-1662658838f5", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c5c9f66-10c2-5f0e-b784-c83cd9de1fb3", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e56304ae-ad03-5161-a997-16321a9852fc", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9768c264-669a-54cb-bba4-1a31f139cb20", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8b6a2f9-c1c6-51ee-a165-b51cc11e92e6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6e66eb0-b333-53ad-a27b-858d4e827e6e", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:650920ee-4933-5f43-bf02-47a1c2a4e324", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16332d9f-2c4b-5f3c-9707-5d2d04841c89", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01a10759-869b-5756-a8be-60322d83a286", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:edf1f33d-669e-5737-9f78-201d32ede6c6", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.3 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.3" } ] }