{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a55a6977-1b62-537d-abaa-d54daead8e53", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.37-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2b250b14-76b3-522c-9989-50fb90c67bf2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ec55b9f-e202-5108-827a-659c0c44eea7", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:071e457b-1cdb-55f6-b573-63a5b6b1b082", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7f118a2-b661-5de1-9a6b-d4af3f27c84a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17941879-49d0-5651-ac11-d5569336e8e5", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4304b418-493f-5645-b3e5-906dfec9361c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecc1ea04-902c-565c-bc5b-74d54f40613e", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf8dc594-d0e8-5e78-9a78-7d1074f21075", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee8136eb-d58d-5ffc-a12b-d72661aab2ec", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d8b15b1-6ffb-5aa4-b81c-4afece9bd9b0", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7082fec0-88f2-5076-84a7-035b59108396", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f314086d-d502-54c0-94d3-0eb6e44bcce6", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cf3f8e8-94d7-5ab0-a885-e577793cf294", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8e5593c-8e8f-5ab9-a5d5-c70cbf689323", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e52306f0-be8c-53c7-afb6-42414558fb03", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00c7d354-4501-5cae-ac6a-f1afe0248192", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.5 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.5" } ] }