{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:21810bb6-5996-531e-80d1-aa1f959e850e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a2c99dfb-e3e5-5e1f-ac13-6c99643783ec", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ee4432a-e467-5356-9c86-149f22a65b6a", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a88e383-ce3b-5ee5-b415-cf6d28ad8d64", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1055afa-de29-5b02-bd73-5751338a22c6", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de0a6657-3bd5-550a-9bd6-1432aae2158e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0062aedb-66ce-58e3-a3e9-6a70b8b1a93e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c37937c-36f6-5e4f-8ff8-2f87a74a635f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1b111d4-3936-50fc-bb0b-c2bb6b0624fb", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9299775f-0c81-5dee-8950-ec834896dcf5", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53d5edc3-9614-523d-9bed-db7cb2058824", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6001e5c-3530-5233-a91a-09898f4e4901", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d3d2258-36e3-5361-b74a-386e0af74d46", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e60caea-649d-503b-9073-9dc9a8442ae4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f9e09d6-27f0-5ed2-a92a-1ad83d865e8c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9470aeb-c0c8-5193-b844-edf3249da514", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caf62fb0-bca8-509d-b15b-daee6fbf939e", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c27db64-75c6-56ea-99a0-2914b49266e6", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-tx 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc9114b0-14e1-5e85-ba25-28d967b57022", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1859004b-ef5e-5395-9b40-b911ade78fe6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05f5d6a8-e1a4-5207-a699-860df4b196fb", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:266a8458-0b7d-5d7d-a6a7-eaba526d9239", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c37cd417-bba8-5c8f-ac2f-f627f5da9619", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23773686-01ea-5900-a6f1-39926276ec5a", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0da6ec7-70bb-568c-9e90-203802357597", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41f71371-4211-5b40-8ecf-2eecd9df9d69", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7845cde5-ecf3-576c-aeea-dc3167c5ec9c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:137c68aa-517d-5004-bf74-d33385102dff", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55327332-b3cb-57aa-ace5-f63bae95bfc3", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a28ad0d-a9f5-5c28-ae5d-47665307cfd3", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.1.5.RELEASE-tuxcare.2" } ] }