{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:51e709e8-dc0b-5b42-b745-23ca04dae671", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:841b2d49-e622-5743-9ec2-2d8a6743d35d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:783a40bd-ffd9-5cc2-808b-5ee44c125e36", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9bfcfd5-03c2-5508-be7b-433bd85a4e81", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5410aef0-9d89-5729-9acb-416e83f59c52", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7abf706-9fcc-5782-972c-12dd1e5ddbe6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9e509a6-5656-5125-926d-149b86ec1529", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86dde18e-9e43-5df4-9160-1f817a5fc251", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0cebd6e-b9c1-52e2-bea2-c91c8370657c", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:893f088c-cc41-5dd6-8d28-dca5b3c37566", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea3de120-c032-5072-b263-0f2b0efb0603", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0162e535-58fa-5674-baf5-5f450ce851e6", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4192d400-11ee-5835-911e-b89e3850ca89", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e386d79c-213c-56c3-9589-b9bb73bf1154", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af71a9b6-0fbe-50e2-a98c-c7f057f9ce17", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8af7b063-4538-536e-a58d-f79bbd580c1e", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9719f49-9307-5132-b105-01edcd652616", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.3.37-tuxcare.4" } ] }