{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ec49a70d-5b02-595a-88d9-3219b8222e4e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.29-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b373ae8f-3958-5560-9ec6-824ad3007b59", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93b8afe2-d19e-505f-a78e-dd7dcf885dd5", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be9643d4-8550-5a8b-9abb-0230de3c8fe7", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d8b7ef-114d-5da4-a898-240ea98ade47", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:020a4fff-20b0-549a-b21d-e73436326197", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4b82cc8-8909-5308-bfc3-056d2995334e", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf5b5674-c9ed-5190-9fb3-72953f0f35a1", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41118ab9-ab8a-5e14-bd37-69e714692f68", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05f4ca34-79f0-51b9-9e65-150388114310", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0ef71a5-c473-510c-a09f-ccfd1e54ac32", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70fa9e12-b6a1-53b9-b832-7d78a6aa2202", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0090f238-e0a5-5f04-a651-660ed40dfcc9", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-tx 5.3.29-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75363c12-d378-5976-8a31-be8b363fe00f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8b15582-c93b-5f63-ad83-1e96933438df", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4aea094c-7bab-532b-84ce-1247c8d0cc75", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:228f5716-a483-54f9-9f28-78a18bb3c0b3", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f45ee1ae-80c6-58da-9838-d012c00370f5", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.29-tuxcare.1" } ] }