{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dbe1e003-77e3-5dea-993c-d20c6907775a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.37-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f1418a1d-cd94-5e58-87ad-37350c96c538", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62176e50-23c7-53bd-afac-3c2070ee9b2e", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c9f0d73-a592-5c33-a697-5b8c1930773d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bc000f5-bdd5-5b09-a59a-d814e635ff6f", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ef09909-0a6b-5232-8dd2-e7128b461228", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a63158f0-04a6-51a3-a82d-a2be0b0476c1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0060b9ce-0cbd-535a-9c3c-d68dc561e5a3", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d2b8b79-89cf-594d-b2d1-6f6873dbf148", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:626d1d42-b3b2-5a68-9f8e-49bd1858a33e", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24440cae-69da-5d7b-8a50-08d0c7fa87e5", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7a6a00d-7352-5df9-9360-869d84f8446d", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8bb6515-3240-5f27-aa36-91a3eaeb1dcc", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8c692f4-c065-5199-9b36-a0cf55f750ae", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.3" } ] }