{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1a5f363d-b136-5685-935b-d6baf0e8ebef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.1.20.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:709b07f2-16c9-5ec7-8e52-b12e2c76664f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddca9cb0-382e-5105-8aaf-2b696b2997db", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a27b40e-9073-57f7-9535-91a87de21270", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9908223-376d-561c-8c7b-d9f56c5bb299", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72ea0e28-64b0-5f1b-8e99-cfc41e93de6d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:978e2e19-45d3-5c60-ab13-f71f7383d9bd", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2402842f-4001-5a91-8190-4a2da0d2a9a1", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8576575-655e-5a27-8c4f-eef36d70efff", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:390ffac4-8c17-552a-85ae-9d7becdf5cac", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19aa3e42-f2f7-5e9e-a116-7ef342b489bf", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6621a8a0-8144-5485-8488-052b500590d1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b58380e7-c3e1-5861-9ece-54f2c3dbb98b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:669ed436-aa5d-5b5d-bafc-2aa4b8299f7e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:357b1e4c-105b-583b-9e49-1ff2e0d70e0c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf697bfe-33ce-596b-9084-f6fdf7463d49", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fea7277b-6b56-5207-b08d-165a67600fc8", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-tx 5.1.20.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29048154-0186-5c33-a7f8-dd2d80e69250", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:873e9877-f618-52d1-872b-cbdd7f91fac4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa62fa8d-6bf0-5b9f-acea-5100d7349952", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a398445e-8444-5fea-a97f-162860735f7f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c868397c-9c96-5a9a-b0cf-bd9adb9ffead", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fa8c3fe-febe-50de-a3ac-68ea165354c0", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c0a7362-05c5-5c66-9597-6ac3e4b0b449", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d101c38-4797-5394-bfe6-40f228a9011b", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:172bee8f-3f7a-5059-ac42-d784e17782b5", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.20.RELEASE-tuxcare.1" } ] }