{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a536ffb-6e3b-510b-9df1-0f82c8b45b81", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:064f9914-a7ed-54a1-81af-20e96156b1fb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5834989-c6c6-51a2-a9f9-b5fc366bb4df", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94d8c24c-7595-5b2f-8c1c-c29f3201023b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61e985c0-9d79-588e-9c93-f526db0ac328", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d94297c-bd16-5bbe-98e4-577c7c4eb124", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:205aaa68-e73c-585c-88f9-0654bed54024", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e89da95-d4af-5350-9767-c3cf25f20732", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5778257d-5e7f-53c9-8a56-76fbfdefe547", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:492c2219-9314-5bfb-a53a-9b1c747f23af", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7164aff-06e0-58ee-a2a0-9656ae03dd51", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b257714-70c1-5f6b-a546-93d64ab325eb", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5fe1254-8a71-5c9c-8559-c40e6c363c4e", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5651d741-794a-588c-a87d-4e1efbe0ae0e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79f983c0-18a7-5787-83d5-dddde80b290f", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42030649-f17d-5928-b893-fc4f1e035bc2", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43a220a5-b043-5095-ad3d-59a1cf6422d4", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.37-tuxcare.4" } ] }