{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9782ba03-ea24-59e1-bc54-30a59f278647", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7bb26e0-1f2a-57b6-9036-5dd8f6306532", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bf8e581-ccb2-5412-8af8-302342764a88", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58501ff9-913c-5745-adba-9d53f9d59787", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f7c0ad9-c455-5d8d-98fb-33bf40c7c8d7", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd53992e-a686-5e92-9a2d-c293d16a0a27", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf604792-cbc7-5966-97ff-8a73ae61799c", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f7ee409-e24b-5850-a670-a128a82ab6e3", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e9f4bbd-2847-54bb-9ace-974589658155", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd08acdf-968d-51d5-beff-1b00e6f5328b", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c189494d-36bf-5326-ae66-582e106a7244", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d70fa41f-34b2-5a20-abc5-479e244ed4c2", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e83f9f3-4c96-5447-9772-330b0fcdb7f3", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2060dcd-4b64-5e3e-ac09-3b6f4037f120", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-tx 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dbd442a-2a67-5fbb-a949-5d290c3d6b48", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:203409e3-686c-5397-921f-8718b2529ac5", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdc1eebd-feee-5e60-ae36-00e5c06f7cf2", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b09aa8e3-af1c-5f68-ab77-9192fad27f90", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f282d94-235e-59e5-9ddf-a37b6f7e0458", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00ab6e6c-6ba6-58aa-85c7-313f367d73d4", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55eca72a-d1f7-5124-823d-5e29d1114479", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:450fcad9-fc3b-5b2b-8193-f5f771f5ce60", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70747e13-83bd-5794-b9ac-068e3d594414", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ceabee-f752-518a-960c-836f67b641e9", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:829c718f-18a5-5787-b852-9477170f2b7a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fd09e7a-3f82-5a77-94be-5e45c47ad15f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38de6622-1218-5b15-bf83-4948db7d9644", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f3dbab6-0149-5f64-a270-aabb50b557bc", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a53048c2-700e-5e09-9c4a-e024f33d44d7", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12f695da-ed42-5a88-85d4-9840207ee70a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb299f4f-ad97-5375-b053-15c082676bc9", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:987485d4-a7e0-576a-aa84-15958bffe2a9", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1563f3a-b672-5adf-afc0-cebf469d8063", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49bc3afa-af92-5a9b-b1f5-a2f404d86832", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8eb4a78-e7b1-5432-83bd-fd6c1fe52249", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ff19d4a-924b-5c66-b133-2ebc82d72956", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e831a912-631c-56fa-867c-d251bc462fea", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b6d3c00-3516-5fb4-9f5d-e1cd63767488", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:466f379a-fe28-5449-b0bf-7f7192594eb2", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb47a170-b0e1-5173-8a04-232698763e03", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ac69c8d-51b0-56c2-af24-4b120af0fa07", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.0.0.RELEASE-tuxcare.2" } ] }