{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:723c8da1-c3c3-5b9c-a90f-bfca68c18696", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:daf7e1e5-a9a7-5f3f-90f4-a547cb687bbd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a7443d2-1673-5e90-bb16-b975e622f936", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6af208e7-810a-5e0e-91ed-486f2eb7a083", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccb5dfc8-b82c-52c0-b385-fff4075eff24", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5d18da7-19ca-5307-a4ef-dcde6f87b822", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03261792-94ad-5fa9-9f88-f024dd45f7e8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92a14e6d-1708-58b3-b34b-82f8c3980081", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57b9c0b0-5b8c-534d-accc-fd0622eda27f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5c0102b-f54f-5b69-84b4-98bc47149a92", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88de4c13-e74f-5435-a40e-566c89e962f7", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffbc4e03-58a6-54ac-9210-0d03b7a4941a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea5d4e1e-3642-5e72-be93-d4e54356d758", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae2d295f-1f89-5f81-8b75-b17b7f0a11a3", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdf61121-37c9-5711-adfb-fa89714e3c79", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fec3b589-083e-5c79-8ba6-8df88515e83c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20bcc3b4-6e3d-54a8-b954-4b811a727be3", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e4d6c29-5471-547c-b239-3557979e107e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0aad860-6700-5fb1-9212-810395532aee", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6eefe34e-faad-55eb-80eb-9296a050efd4", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97d23d32-9b98-5e07-b6a9-88a9bcf1a163", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97800275-1a9c-5227-b405-7edaef9abb9c", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30ce9108-34bc-5293-bd12-8ca0b61e1fe9", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.2" } ] }