{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b689351f-c1fa-55e1-8a91-fc098da757c3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.30-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6fbd1c22-69d4-52a1-b562-f720283205ee", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0f1605e-35f1-568f-b53c-8dba2f6d8587", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b93eb673-78ae-55c7-9297-1892c8bb88d7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bb2bee2-5950-5c53-94e5-713a6c1440ed", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58aa3558-fcf3-570b-92eb-a372d04ec788", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8575101c-1298-5ea3-aab9-47129039f994", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:179e8b9e-6a11-579f-8383-f8bec8bf65f2", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ebe0127-d216-5eb9-b21e-74fd074b48cd", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7de38728-3177-5381-ab06-8f7f90ef9bb1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:182b9bd3-c9eb-5ff5-a426-b474eb1c6267", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a657f39-aaaf-52d9-b913-c5dfbc64d2b0", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ce09fed-1336-5a71-857b-b37558c076c2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64575683-6c06-57e8-9055-bbea82602bf2", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c693db70-5d43-5e8b-99f1-9fd2db595cc6", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3646c8e5-4ca7-5110-ba27-efadf1e320b0", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce1b3450-4a82-535d-8763-63cbfb94beab", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63787904-b6ca-5045-997d-631aa9a9cdbd", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cafd48e-493f-548b-a280-9d042a5f82b4", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:220b63a7-7d5e-5186-b786-21a860484a2a", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.30-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.30-tuxcare.2" } ] }