{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c3bb8bb0-f3e6-5202-9c4a-5f5eae035f18", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.29-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:26a74476-c43a-5e49-86ee-985d45d28501", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d3c5fb3-b470-5ff3-bb30-008ac9feb11d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afe68a03-64c6-5f86-82f3-fac4a1a696c7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05adb5a3-96d4-508f-996e-227267c78f53", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b8922a4-8c39-5cfc-afb1-e7a3cfe01b1f", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfb5e191-6d12-569c-9d35-f3487bf54a7c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdafd719-5fca-57a0-9349-03902ecf4b44", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2758b2d-a5cd-5ae2-94f7-05e5a2089f39", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de9a259a-a98f-5144-aa2b-46cb6a3411cb", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d85ebf5-5a87-5c52-bc89-21534cb9f4de", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15005054-ce2a-5a67-9986-42f24eccdb28", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:941d0129-e73f-5e53-8724-f5801300626c", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-orm 5.3.29-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeb9e3d2-0d2e-5f37-87ad-bc4b7079ec65", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c40035d-cee6-5d64-add2-ff53290afbc1", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14f29c2b-5668-5ee0-a158-22a2edc07306", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9d19559-b8c9-5b93-b8bf-7cc0300cca7d", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65d8dc7c-1781-5c9f-9d36-e962d71653c5", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8332ec1c-8b13-5479-98ef-558a3da42fff", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c066345-3aee-5fdb-8d4a-dbd8728db04a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30d92fa4-e45b-5f6b-9ec0-d7511ce84c95", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.29-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.29-tuxcare.4" } ] }