{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a6c467a2-596d-5f9d-9570-a8dadafec37c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3de78bbd-f7cf-5e5c-8af4-17786936406f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3472ab03-cdfb-573a-a31e-9a3ac24eac06", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4946f580-cb00-5b87-9974-42197620074d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef083b75-d528-5ef8-9487-5cbf57fbbc22", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50d1ab74-c458-507d-afd1-a52889a65825", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b381621f-c7f1-5f2b-b401-527465856d97", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f4e9ed0-c95e-5df5-ad32-36ed22b95e1a", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b142e06-6704-57c6-add2-a6acb9485042", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7179a903-864f-5167-aa7c-d6c269a5b815", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a22956f2-6376-5586-ab71-cc7f4190e50c", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e5ea5e-0731-55b8-a5d7-142108a616fb", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ceefd41f-a67f-5d55-8bce-24ee552d985a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ca9ca16-6f59-5b11-85c4-358ac1e16cf5", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:753d7eb3-1bfe-575a-a950-f29a4d7fd126", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c30f37a-47f9-5595-bfa9-77bc47f2c285", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58c67467-5be8-500c-a0c4-dfa2ef2aa82e", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a45518a2-9edf-5897-bb02-1198fc18c7b7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:102dad5d-4788-5f42-b5f1-39c1de8c8cb1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91327360-28d6-5fcc-a98e-39877202fc69", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f75ef88e-156a-537d-99cc-d828422a7f39", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d19d8d9-8d37-59bf-ae44-3924404303c6", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2aac8b0-752e-5bfe-bf91-6df5245bcd1b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.25-tuxcare.1" } ] }