{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:da940a46-ebfd-5382-a757-a3f54ecc5f56", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1ea5efaf-d06c-59ce-839a-52c892a77ba3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09b242c1-be36-5496-9b3d-eb7d238c41b0", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dec1d96-dd37-55e5-953b-5aa4c4df4222", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52bc4dd5-a5be-5e6e-a05f-f9fd3190cdd4", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34c79eab-b280-520f-9d13-23a6238fce1a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:684e4287-dc39-51b8-b428-020e4bb415ce", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9df96f91-965b-5cd2-a406-2e117bd8cc6e", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9af63cfd-7015-5ad7-92b6-c5be577bd82b", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc43c629-00b5-50ee-9484-5011f1be6307", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57c02ce5-3bce-5ffe-bae6-b4af3e585fc6", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5de9b9f9-7b2d-53a7-aa3a-b7c68e8b4b1e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:114e0396-f935-5093-abbc-1e320a823c6c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3d70ef4-3cf6-5a5a-ba8c-975a04766de0", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3aa54f8-7d69-52bb-b2ed-6012d4443b53", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c13665d0-f34c-5fdf-b44e-4b4c06c3ec41", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48e2591e-5d6e-5429-a959-238d9427a6cf", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ffd3468-ea29-58fd-b3c7-96bdbac4aef7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f9ad21b-535c-5683-8390-4ddbb4e727ba", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b28c8a6-dcbf-56c6-9c71-715de3f1483e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6eb37d6-1775-511c-99dc-1ba642b36fb4", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fd03cfd-7f52-5f7f-a721-cb16448757b7", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcaf7b48-e281-5118-80cf-de5f8ab7e062", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:390772f1-e86e-57ca-9633-168dd1e1fb49", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d646f1e-04bb-5e09-a9f2-f23f51e8beb3", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1766d4c-daf8-58f9-a960-66b9589164ff", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99bc5852-2293-5df6-9e2d-9715d80aa218", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a347db35-f85f-5a2d-a488-2af5026e620a", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eef88e3a-a405-5078-9ec7-77cc217b48c8", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af72e7bf-14b8-5e02-8bf7-137e9188865a", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dbf1f0a-0cb3-53de-be47-510fcfe34d69", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f41b6dc8-8e72-5971-a6c0-205e52c178f9", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:930fc73b-71d4-5dde-b6cc-ed30a76663aa", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf5b5903-4805-5450-86cd-fc16982c0856", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60f78a1b-998e-5562-9dc4-14f087d5df78", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dabcf95d-9a06-5bba-ad15-1fc192ea5f79", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7381ea1-4ab8-5f05-b020-f8ece2c57c96", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d78637b-47ed-5c4a-b5f1-71953b62fe9e", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad5badb5-3288-59c8-88c7-9652bdbe7acb", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5422c0a1-94cd-5a85-a496-d9ee6698bacf", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.2 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.24-tuxcare.2" } ] }