{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:705b727b-c23c-5649-bf98-99e097dc315a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f74bf52e-021c-55fb-a5d8-219dfe76d8ab", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e785756d-f544-561a-a783-1b56e53095a6", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16f6616a-1e52-518f-85cb-5f66d7e1e4cc", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecf35200-7d2c-5d36-baa5-82e1c674577b", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e9d22f5-8f9b-5ef2-aeb3-62c7638551c6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be6c5a99-cc78-5bd9-ac92-0feec41f1ada", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7748518b-8d66-56f0-8888-c4d4bf694436", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f75cd109-595e-5e9c-91a9-ec2489ea4ef5", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c799a18a-ccb7-5aef-be2d-74eea05a1be1", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a70a251-f5e2-5e46-854b-ca0108f0ae0f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bad6949-75f3-5af0-89f6-0faa683b7fd8", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af8fa890-b6f0-5198-bddd-a751a5310a2d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3a4c61b-0abf-585a-b95a-8ee60f155b69", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1caea3a-498a-531a-b1e2-5a65c0c0293f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d66d149c-408b-5b7c-bd6a-070018f7b920", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4be5c27-6252-5212-b18b-4ae4337892ba", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efc5a207-0ed0-52dc-8265-5cdcab520379", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0877112-f480-5549-8776-3f984c39323f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31befd2a-d21b-542c-9de7-3a4cfed22e56", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb878976-d782-5e19-9152-a9461928a474", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab5d44b6-995d-5d5c-b415-70e7e2326d13", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb37f09a-4d06-560e-bcee-278eeb7a9e6d", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-r2dbc 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:066ecd98-c633-5af5-8021-b919ce55c098", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95a0eb7a-8326-5ee6-a4d1-c2067606f530", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:487b8ee9-6f70-5db8-b5fe-5e221c4a8fea", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ee23c09-9bd2-5e0b-8bad-1000f699fe52", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26c3b084-355b-5716-a033-50c5e91fc24b", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.1" } ] }