{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:15fb6cf3-ff81-57d1-880d-aa71f871fbd6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.37-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:defe4ccc-3932-5ba9-a33a-062ccd47ec88", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ded8279d-5815-5873-bb7e-a43571065561", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72f87c1b-b730-59fc-8e6a-621038eef7fb", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17cc926f-4d5d-516f-a067-a8685176ebdf", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:83793055-c0ab-50b9-8207-eb308e5938fb", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ab075c3-a5df-54a8-8359-c4a4b14a1b22", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:75bb21bd-5e4c-5900-a1d2-3a2ec8b0b3d8", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df086940-f4cf-5fd8-84c3-bb3de0b96fea", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b5cee9b-f062-5cb3-aace-83f3a794c442", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:128d01de-f95c-51bf-b648-2174df7982c7", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6c58b44-7d64-5bdf-8b1f-85165f63a202", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:58925f5f-a046-5f69-bcef-e3190b5ca5b6", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a16c5ac1-e1ae-5726-988b-28c86800ef41", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d9749f1-3e41-5e75-9685-89ff453034dd", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0284a217-ffdc-52f0-be74-4e9b41e9eaa9", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3d8eddf-7769-5120-8f37-b4eabe013a7b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.5 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.5" } ] }