{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9a0da138-7622-54fd-a628-64499dce2fd3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-r2dbc", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d1c91a7b-3eb0-510f-a058-ee5be4a0277d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:265e6853-e73a-58b7-8ab4-9f150e615b0d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe628093-df8a-537c-afdc-8f9160d39ec3", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90076164-06a4-5c56-a0e0-9229d65529e9", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d317748c-00b0-5950-be72-e0b3d788a05a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cbc05bf-2a47-59c4-b814-d9bc240de50c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09793823-1c07-5bd6-bb4e-3dbbdb60ec36", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf657439-9d3c-5712-87ab-c8ac995ffa88", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b799ac7-ad96-5416-8017-0b891920fb72", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7c979d3-9c07-54e7-8128-347cf1524e57", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec63042f-88e6-5617-a0a9-8a1670394c94", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3447c4ec-31ac-51f6-9252-694b41116985", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a0afb3d-f23f-5fb0-acbe-24bd2fe04a34", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc13e2bf-fea4-545b-8fa2-51ecd3a2877d", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fabddc47-f5b5-555f-8847-786e94829d17", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1801bb04-c029-5476-9738-e4cf653c1afe", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-r2dbc@5.3.37-tuxcare.4" } ] }