{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84b1c08d-8fa1-5b7c-b3e1-906c139cd40f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1ea5efaf-d06c-59ce-839a-52c892a77ba3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09b242c1-be36-5496-9b3d-eb7d238c41b0", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dec1d96-dd37-55e5-953b-5aa4c4df4222", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52bc4dd5-a5be-5e6e-a05f-f9fd3190cdd4", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34c79eab-b280-520f-9d13-23a6238fce1a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:684e4287-dc39-51b8-b428-020e4bb415ce", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9df96f91-965b-5cd2-a406-2e117bd8cc6e", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9af63cfd-7015-5ad7-92b6-c5be577bd82b", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc43c629-00b5-50ee-9484-5011f1be6307", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57c02ce5-3bce-5ffe-bae6-b4af3e585fc6", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5de9b9f9-7b2d-53a7-aa3a-b7c68e8b4b1e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:114e0396-f935-5093-abbc-1e320a823c6c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3d70ef4-3cf6-5a5a-ba8c-975a04766de0", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3aa54f8-7d69-52bb-b2ed-6012d4443b53", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c13665d0-f34c-5fdf-b44e-4b4c06c3ec41", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48e2591e-5d6e-5429-a959-238d9427a6cf", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ffd3468-ea29-58fd-b3c7-96bdbac4aef7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f9ad21b-535c-5683-8390-4ddbb4e727ba", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b28c8a6-dcbf-56c6-9c71-715de3f1483e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6eb37d6-1775-511c-99dc-1ba642b36fb4", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fd03cfd-7f52-5f7f-a721-cb16448757b7", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcaf7b48-e281-5118-80cf-de5f8ab7e062", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }