{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8eea1a25-22aa-5e4c-8594-97a08a4a05f1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5f10b83f-8bb1-5fab-8cdc-7935b050b3d4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da6118b1-ff3b-5a3f-b01b-ce9533aea9b4", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0244549-428c-5a0a-8529-e272848523b7", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65a44f21-157b-54eb-a388-700a24b511a0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81ca0dca-57f2-55e6-9e94-31cc76fa9938", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:522c08c8-b1ab-5d65-9d6d-affb6bdc1b52", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cb24096-5527-5409-90c6-b5e3c9677444", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c5bd6db-b895-5931-a03e-27a8f5f9369a", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe5d004a-8e58-52fc-9ca5-d5e7e74bf252", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:baf50821-6373-5f0e-9cf4-29337f454232", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ee664e9-c932-5127-96ae-20f1c9823192", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b892d5e-d85e-5c9d-a41f-aef2600299c1", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f87673b1-0585-5e62-9c95-36b10cc9cf21", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40d6545b-7442-5725-9066-f6251a2dd5e1", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e42f39a-500b-501a-a99f-d0ad6c4503f9", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43470ce8-334c-5638-b6c5-c2a1882ec482", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bffcfb23-b025-5cd5-a6f5-212ce82d483e", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9be4393a-7c35-5f84-b1c1-62b6a09154ce", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa04fe03-e0f8-51a3-9cb2-e8357b867303", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3b097ee-f73e-5a78-8d03-15ca1047f35b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7570313-17ef-5a07-b85e-f51b5f8b9cd1", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f44d8695-0d05-5ab7-b6f9-79e6be196993", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81f8e127-41b6-510d-afe1-111c0e14fec5", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.13.RELEASE-tuxcare.1" } ] }