{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7a007c4f-2c62-5b85-9052-0f71e2454f44", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06086ab6-c450-55b2-bf95-166c8b3da6f7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0698b73-398d-56c0-905e-9f4576f00ec2", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d85ea17-023f-5990-a1e3-22b7a89ee447", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6181e8c4-ceba-5a77-be9b-c8217cc9b025", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aed4a66-cd80-50b0-b968-b43400d1166a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a81fcef-515e-5a21-b6b9-28d1893d1ffd", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da9106ec-1e4d-570f-aaae-9cabf175359d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5247da3-9dfb-5050-8a38-9d37472e952d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a15963ab-a5f2-50c6-ad99-271584be9ee1", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76230e00-57b9-5e6b-bd0f-714e210bc1ed", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e7a3d7f-2a3c-5771-94ad-3629d9c1d880", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:414d69f2-4fa4-5a31-8014-34dfaaf9bcbe", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b504ce0-7c00-5336-b0e5-94e6e2139fb4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de39c742-b41c-5e07-a89b-09d9c5a97dc7", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c953522-811f-593e-886b-dc3b849e0b32", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:922a7678-8a8a-5e6d-aaf0-fad37338633b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b124e2aa-3475-5eba-84b8-b2c5f511135a", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c96a33bb-6eaa-501a-aa9e-2f2de7ff05c8", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7da30af-7b13-585f-be13-ba761d24e2e7", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a295d55f-e8c4-57c3-b97c-a12969348668", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15cbf1a7-57de-5af5-86d5-fee16925b9ce", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a41682a1-7db9-5eed-9ca4-675e626416cb", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-tx 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99ada1dc-e6a1-5888-ae4f-53d13795332f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f399cea5-1254-5dae-ba95-3891d4a20f0e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5eb5de00-2ad7-5ec0-af57-8780cb2fdaa7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9e9d7ab-724b-5520-b61a-16b76350ddad", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:267600dc-6803-5211-bb7b-3e00a0e4240e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.7-tuxcare.2" } ] }