{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de073839-3279-547a-ada7-a69969e65ccd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30d4150f-c9ac-5d70-a7c0-4737ede09738", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99f6e820-da9c-5be1-8c00-6e4992033633", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b278ed7e-909b-5886-a8a2-f4dc43f8bbfd", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15e825c2-aebb-5b33-a127-98ab97919c54", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee3f4cbf-31c0-5b82-bd13-7a33a2b0fd1a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e85b353e-ecd0-5959-9564-9982af0c9b66", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fbb218f-bb48-56cd-bd55-2eecedbcad01", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1589f6c-b4ec-5234-bf79-16173a950ac4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bbfcb2c-c7b7-5c0f-83ef-4b56fe10e182", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac0ab8ca-2bca-5c67-a0ac-3a1d91b7d2eb", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e914088-5faf-564a-823a-b3e4004c0036", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6881bf99-d1a5-5e1c-916e-f30fe094332e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6fd3d57-354c-5d51-987d-8636d5006edc", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed725a37-bad8-5721-99a4-529fe1fd5c3a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b9278f2-1c52-569a-9bff-4171896fdd4c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ac3b067-c06b-5589-84b0-d2df5afe0cdc", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e37d86be-4b11-5f0c-b896-c32b64721fc2", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f3e2fcf-3a2f-5907-ba8e-9e16a183345b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eeed5824-da4f-501a-af20-0cedf31822ef", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fc2fde5-d6cd-50e9-839b-613de12c4792", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92f88829-c948-5593-af18-08daa2e3b886", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab9b1080-f059-55a8-b5c4-5e8f70cc0421", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:540144f9-6717-586f-b2ce-146bd0a85d31", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:068ba491-cdb7-5be6-bcf7-6aed8800a5f6", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4aedf492-327c-5b00-8c18-35e8f8d995e7", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-tx. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d19b0f5-72d5-50fe-85d8-74cd585ec2f1", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c1f6608-f365-5fe3-8799-67839a1d487c", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ab43680-f0ec-5628-a80b-0c166f4fda78", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82f79ccf-e7cb-5dbe-aa51-cee6b28ad237", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c80e004-388c-5f5b-bf08-07fad68f4f83", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da113ccb-e113-5787-8c7f-5951d11c7335", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0892dfdd-a97c-52af-a22d-e8177908e940", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8b20b49-0619-51f7-ac01-879f8be75462", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a30ecfb-79fa-588d-af41-ba4feb5886ff", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3c5fee0-0796-5621-b3d6-933518e75ea6", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85580f22-221d-5db4-86a7-dbb787c028dd", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc4c0cba-2306-5ac3-9e29-230ff88bdb8d", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec7f3845-c066-51db-847a-39576f73bab8", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5572ebb0-2e47-5fbf-a71c-282dc81dc04c", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.24-tuxcare.3" } ] }