{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fec2fcfc-f208-5419-a947-7f810daf0936", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.25-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4b99ff28-f4e5-58de-862b-af1517ef9ac7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ace057c1-c4ac-5276-94db-37f3b1e5b12c", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3388aa3b-3600-5be2-a142-0ab37eed24b9", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89a0688d-9509-579c-bfdb-a42eeb715a0c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:382cba9a-36ef-5a2b-8a3a-d830f52f7b6a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04f5f064-7fbb-58b5-a0dc-5f6f5e54fb3f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61f0a6bb-8e62-5ecf-9713-c425b2d8d882", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5438169d-c642-5e63-9389-7f6770df36aa", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f837d54-c968-520c-9bfd-15c95c3b8da9", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0754b688-a572-5561-b20f-70e33cc4b6c1", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a533fa55-9546-5c92-b40e-d9229657ac7c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b912244-6043-5809-8878-6b10cbe2a2ce", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fc3b7cd-a067-5ffd-9aa8-58e50ca84298", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:914edd07-acc3-5e19-b86b-653daca67bce", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7003176-24d9-5d97-851b-7fb94cbb165e", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9df62481-e361-528e-8aa2-bb8e3b7575f5", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:181db87b-3e92-5a23-8d53-6967ebb81503", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6316b703-9b56-55e0-aa21-ba3f7e06161f", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea838276-f15d-50c4-bc15-b314ef685a16", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2917424-a564-5342-8f08-fde75a744f09", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:159b832f-503f-5966-9684-d2d520f95713", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8419d4a6-9822-53ac-8246-7d223ee0b31c", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f32c541-fdd0-50ac-8346-12965cb03b82", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94f4e923-2196-5e50-a98c-c5876a951774", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4cc5224-fe32-5002-b3fa-d29ab0e3e70c", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23e37bf5-9131-5e85-8d3c-4c4b037b792f", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5fcd319f-0c09-5b07-b1cd-7ed1a30b982f", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd226572-5a86-5ecb-b6f2-8503c556cb77", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:098aabba-b6f0-5c6b-a998-ce5fe16c81a7", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3cfd6ef-72ae-5f98-9814-7bd1299f15cd", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7ec2c73-ef05-55a1-93be-7b7c8a70ae41", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81845e6c-8f10-52a6-abb8-abb3d1d06e4e", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8825eba3-f8dd-5485-b26a-697aa7450e94", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa5841cf-44ab-599d-afe8-58a49b8b3845", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66abb501-51e3-5959-b760-9ef76d4f9f17", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:296f75f0-62e5-5a4e-9278-f468ec0ee1e5", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6621f9e9-eace-56f8-9c3c-86f98368e13f", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56b07a12-8292-5d40-b4fd-9cc7b0d7586c", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea3c078f-bbee-58b8-9e3d-28f65f1ed25b", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.3 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.3" } ] }