{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2391caa0-c83d-5296-9a60-b014a6355d1c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jdbc", "version": "6.1.20-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1fa9310-9381-54e2-9678-5f5ebfa6c73c", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f460045-a5c9-5290-9485-62894eb12770", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ae1eba1-92d4-5d8d-a60d-be9096b3ac93", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0952159a-7008-5bbf-9235-eb9bf5925176", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6cc1ecc-4e64-584b-82e4-1b6ae1bb3c24", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7214db21-8425-50b2-838e-94996c1745a4", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1df13060-b6cb-52cf-912b-a74394836f8e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7be40dc-5dec-5ccb-85b8-73a8678edb02", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3210e7ca-256c-5687-949b-ee3b04693489", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12f60925-126e-5b87-897c-f91b81685dac", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.1.20-tuxcare.3 of org.springframework:spring-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jdbc@6.1.20-tuxcare.3" } ] }