{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84858a47-65c5-54e2-adc5-13e9826026ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3880bc86-deb4-5e9a-9b4c-1503599c2365", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48ce3546-a84c-55c7-b07c-3011e8243e99", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f438048-262c-5a10-a26c-49886464b4ea", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:225a892c-0588-5caa-a736-54512712bccf", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b1dc70e-50e9-5c39-a663-860547711e19", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc0762a4-0f3b-57f9-9e57-6d95351c4823", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:130d3d82-7fde-57b9-a9e2-c0a50de7ce74", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9670ce3-5cc3-5e4e-a3ba-5da80d4bbe6b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8891393-1ee2-5134-9c4e-534b9764f5b5", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75ea0fb4-c168-5889-af8b-d7bde8e67a31", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1de733c0-440a-5823-a335-902fc2c59a5a", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6f24d89-c359-52b5-86d6-e645cc566818", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dbdb859-e0a1-5978-be49-4d6778db42b5", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:884da92a-cace-573f-aede-dfa11f270e5a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39eccda8-8321-5ad1-a986-0843828bdb18", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f66a0f9f-da24-5ea4-b831-e888eac77ec7", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb35cba3-09ff-52db-aa3d-6c99b966ccb5", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:475b56ce-ff4d-50e5-92f4-d6f8946ff32d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cb70017-9b0c-52ae-aacb-bd71eed64d05", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abb45ed7-7f37-5299-b81c-baa55e81033e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44198def-24cb-53b7-bdcd-de5f7995ed47", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68b4f6bc-d240-5030-bdb5-fde25d3625be", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a76cb253-8ccd-595c-a61e-7a263c21578e", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d963395-7eaf-5933-b6e4-b59cdf4f44b5", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99f0a9e0-543d-5bba-a7ef-b0b91f90d232", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@4.3.30.RELEASE-tuxcare.2" } ] }