{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:87f9cf90-d72b-5b8c-a855-1a56e341c998", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b8f5849-ee52-578b-a110-63e628c47703", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b4b4d04-f43e-50c8-83bf-38234ebf64ce", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54ab4690-7fbe-53c4-8b48-cc0dcd4185a6", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b41117e-f801-5791-978c-12f114eeeb37", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2075e619-3023-5443-9639-8fa43eadb0ef", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:774a54bb-2aa9-50c1-8395-c729a333ec22", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d162dbfd-825a-505e-a04d-4a1f24f939a4", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae912247-71b6-5774-9f38-fcf2063f37f2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d79489e0-554c-5f17-90da-0f2075d6a8f8", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62375953-32e1-5602-9fcb-6074fb0aced7", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:537c252c-5f04-5a31-8a8a-45581d46f6d3", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ed3dbe3-dadd-501b-992e-db6d77e70a08", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cce8b60-a074-5867-b7dc-5bd87dd100f4", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-tx 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5474eb7-9914-5b3e-8f82-3db7562a4a00", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:658254bc-b354-506a-a8c0-489eebec3a13", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3b722a3-401f-5ccb-b1e5-66ea3e85fef7", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:389a1521-7494-590f-a816-0edbe12835b6", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:497f70f2-f497-5a84-ab4d-cc208a09bd98", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63dde434-dfa0-57dd-a3cc-5ae095f21288", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0843ed0f-addf-5b90-a7ad-f9463184e5d2", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0bbbcba-631d-5576-9f5e-a731cd4a6b81", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64000bf6-001a-5a7e-8f5c-03a4d0c336c5", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b06a80ac-a2ad-59a7-80fa-f971827dc200", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:207751c5-4bfd-5f5b-9e6d-2172810abc72", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b7d02d4-6c83-5978-96c3-c21373945e3f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67386695-6ab7-5167-a747-c39e140a5fcd", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3925b77-713b-5046-92f8-c83419acab91", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:090d4781-98a0-518e-939c-41e2d2543a42", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaccbde1-40ae-5c00-ac75-942ca0adee92", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2aec51c6-bb02-548f-8b31-93dac1b3087a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f618294-0455-5b68-8e82-6711825c18c5", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1c81e0a-fe74-56cd-9b9d-e5e7792e2134", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95c91887-6f1b-53c0-a49a-74e050ab4b29", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28c6a688-5bde-5d57-9a4e-734128ed61d3", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c983df9-be31-5304-be96-d931122297d8", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63e2a501-8301-57ac-9f89-19c382704554", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6ee7148-0b40-5246-9394-1b5ad787f695", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:442d92d3-91b9-5472-a552-3f83450e3dec", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db6186ac-3bc0-551d-a4c2-0d3764d1e416", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a18b2be-5efa-5db9-aaa9-16de81d54047", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.1" } ] }