{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f790510-107b-5b61-8a99-d208e9ce14fb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:df25f701-7f10-5134-93ce-941fb5622fac", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21a49f1b-9e16-5cd5-9ec6-049364cbf4bd", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6371d07d-46d4-5c17-b7f5-5c0303d16aa0", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b655e49-f5dc-5146-a2d0-fc3928af89b3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:303b6aa3-a6a5-587d-83c8-9334b1f560d2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fd11bb4-5153-5d4a-bd04-87f9704b98dd", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39e1ea11-bb5a-5deb-9065-adcac4c43095", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:373d3e23-4477-5e83-83fa-f284a0939e34", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d553102d-70d9-512e-a420-8636f13d738c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c156f10-2046-5af6-a1bf-47f62eb56c42", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06e1474e-66e7-58df-bbcf-dc379f52b7d9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8d56980-4b52-59e3-8892-4c2e865a2162", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e50b18e7-25f6-5bd3-b3b5-a91f7ee5cad4", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06ab5a9f-3394-5463-9f40-f3f61c9bdfb4", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f684f9e6-ce41-5ce1-a9a5-b448586dfd39", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6e53602-0da2-584b-a694-79b7a5a9686e", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d8a8890-ddc8-5dfc-a399-bea168c7e945", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:041fb2ea-8aa1-5d37-a82e-68d0071f5aa7", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97a47f3a-7692-512b-a67a-3e995b144737", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d57fa1c9-1b6b-5264-9611-5cdbe68661c0", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28802e3a-4d37-5490-9915-d3cd199f1c1a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:067da587-42b9-5192-8986-d2d86937c64d", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9282f15d-c92b-5361-b027-e57c21866d67", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cb3044d-bc54-5105-9b32-1456287d2e4e", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e8af932-0615-554a-b264-f2205224129a", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:947a8ccb-58bb-5787-ab96-0c1753719324", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61912c8a-94c8-536d-810d-75ea90c32c28", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbf12106-456d-5a3c-8140-0597755c7cfa", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5281d25-6acc-584d-809c-fa45cba89dba", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c51cd181-f25b-5505-b971-77851e05a935", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2db8861-af6e-5cb5-a60c-a2d92d53d510", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a21bf3a5-0b7b-5b82-8c30-91e9b14a3028", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10a95bcd-abde-58c0-a3a6-5f7d3a1cdf11", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5090bde-794e-504e-ac14-d0dc42143691", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ece811e-0c9a-5713-984e-8240b97786d0", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a59fdcb-6b48-55f4-a309-832897e6eb2a", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44cc8878-5d93-5177-98d8-a7ee243fd0e2", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea4a3491-2872-5675-b1c2-821cf691704a", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2b5392e-1d8e-5703-9f17-b7f8a722c6bf", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.24-tuxcare.3" } ] }