{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8aebcf7b-08fd-5219-afd2-a60b9ca2cc1f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87a264be-f970-54e8-af7c-0b899522b8dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b44bd95-ebff-522c-80ed-8b10df283de4", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e0f88a1-e494-5491-aa42-ad67f4c99a48", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17b1a021-14ee-5be4-b81e-303487af259e", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4886ec71-48b4-5cb5-aa0e-bf252dbcfa88", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc92a23c-a44b-5802-988b-5bf414487445", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82b5fa45-5a01-5db2-90a2-80f45e3743c1", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab224154-5144-51ab-84cd-fc76070761fc", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ed22e5-0479-5844-9cec-193ea661b12c", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b34887e1-ccdd-528d-a7cd-3af45ba10826", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7c6b264-958f-53b6-b546-cf7505e9a1bc", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1d0e1ab-c80e-5d81-a7f9-67c9ef728def", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38ca4bc6-13d2-54ab-bf2f-ab8c4d649df4", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cc9c54c-d356-5b23-8850-483119649365", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01232fc7-892b-53f0-9b78-022dd8b24de0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b47774b-df25-5d4f-8ae5-81ad856c1022", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c775649-56ba-51b7-ba31-16d8006553f1", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88071e9f-1182-5ed0-9511-ed1c5302c595", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b38cf6e-5491-50aa-96b4-86b70a5514fa", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8e3b24a-9910-56ca-a78c-6a6449c47aa6", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bc0d10b-3335-5fda-99bc-e6936a46f250", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35fb8c7d-5bad-5281-b75d-02e4f59c92dc", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-tx 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42e26657-8574-5ff6-b75f-97a8fc2ce5d2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:973e4a46-cfee-5cda-b2ac-fef4a4a29573", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44d135ca-8162-551f-8b48-7c90064e0189", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22ddec0a-42cc-57d3-92d5-4cc2810fcf88", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b102a89b-9bff-50a6-9991-dce551675a03", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.1" } ] }