{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9b8b22dc-18f7-50a4-b4c0-23e0f9119d38", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cbc3219d-5119-5a10-acba-d41dbf2b8fba", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62b77a08-0f27-5e66-bdc4-a0dfc2db314a", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68cdb918-660b-55f3-8dbb-79ac7441f725", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7d8f729-4d6f-5098-a7db-95195b838efa", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d5daf90-a4a7-559a-9565-ad456eb6f4a5", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f2a4d6f-81a0-5610-85be-404ef1cfb277", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ff42283-41a0-5c29-8aa5-1f955642f3bf", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4df5623-53ce-5e29-a7fa-961f2998f5a1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dcdca4a-c3b7-50ba-9fe1-5cfef10cb154", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5358cb1-6f6d-558d-8316-9202332f502f", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1833da4-1ec9-52eb-9d3a-455004fb7cc6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abbdc42c-ab31-5ef2-b748-a63d23c50a71", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a799a67-05b6-51b2-a6fe-4039ab645ec2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e89582f-cdb4-5ebf-86be-81859d797dae", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c1b6c3f-31a6-5d72-b6eb-45f52bcca100", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c95c200-ec54-5397-a958-371a7e82a50e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4c6e4b3-5106-51b9-9759-a70a8e7ca46e", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:084fb9f1-3970-5e75-8b04-3bbf835849dd", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61c20c6-4e5f-5b11-9ce1-6fcb32866ab7", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d34b61b6-8886-58c1-90aa-3625b4d03b2b", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d595a97-228b-58e3-8a95-abac8babcfa5", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8386777-508e-513b-826a-b79d840158d6", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-r2dbc 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:350149d7-a0d3-52f3-89b8-d3eae262f3bc", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a16f70bb-d43e-5328-9c09-433e966276d2", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f42b0e60-98e8-53a4-a385-8fc0049395f3", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98909cbf-55e2-5879-b67b-d01110e7b398", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd6cc5ea-2935-50ac-844c-4e1eda51c636", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.7-tuxcare.2" } ] }