{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b7956f5b-8fb8-571e-8310-7b2d8d1c5001", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f166f93e-2e4d-5bce-9d13-948dea7c748a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54e510e2-ee0d-5fd7-b9d8-1a56b666e5b9", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:494b6d91-e599-57ad-991d-1797e477b49f", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cf43d77-d17a-5620-8a05-6bdfc17171fd", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f645635c-c64e-5cc3-a3b3-c76a04cdd330", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41567c4d-0473-5cdc-b928-d369e8cb40c6", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f139a7d-9456-5f6c-9fb9-f31d74a5dffa", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:857180a0-a4cf-55cf-ba50-f45d69afca58", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9832e83-f243-5de7-a8b9-a4bb7e27b3b0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3cb12396-cef6-5f58-977c-387b5933bb01", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b60195d-7cea-5e16-a6ef-374b875aef7f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75c0f8ce-d673-5ead-8a39-ff217d6a4f76", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bfe4b1d-0a86-54dd-b7f1-9ad1653da594", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbdd6741-b189-5166-8230-2e183d7db80b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6caa0e2a-1275-5787-9d19-574fcca6e67b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc4059c5-6c77-549e-8591-5b7c8e757528", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff5111dc-f027-5c5b-883f-f4f6a5566d94", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e883a27e-abb9-5458-adf2-d50f9a89c7ee", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:522372bb-b592-5b92-8063-11df5c9a53b9", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-tx 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78cd1553-fb85-5da5-afe2-be15e14b2848", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63797bdd-a419-54cb-b172-add1514bec62", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46829c8d-1a79-5483-9e60-92aa6ffc1707", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3f063d8-d12b-5f54-b2fc-39428eae8f22", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a85d5bd-fbf4-5964-baf5-8275ad2983a3", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-tx 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abce6908-93c7-55b9-9cc6-ea51ff1d37e2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }