{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d48f933c-e344-5298-8f9a-03cf359498c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4b33a518-7afd-5418-87f6-86a400172297", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:556431eb-b252-5ba7-9be5-62c2da5c5008", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b9def1f-2c26-5d56-8f3c-4d71ded37a57", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:806f3717-1c89-58fc-a28a-03705d4f38e0", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60fe2921-c4c7-5893-9f11-71be86ba3e7b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:411e1564-ddfe-507d-ba61-5997e8cdbba2", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91426cc2-f84c-55ef-ade3-4d33996f0a9a", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9439d1a-27a1-57fd-af91-b2db056c0379", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cf48ee3-e730-54ce-9d2f-099e461c6cae", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a90b7e5-3b4f-50f3-8a88-f2b9b6882b97", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:391ccf0e-e8eb-5f74-82f0-0fbacaf4a938", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccedc5b6-c8c5-5bcb-8c71-96a27c5e5fdd", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85d311b2-11a4-5820-8a7c-e4e980cd4cc7", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3f0ece4-3180-5fcf-add6-0b8fa5310c35", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34e65d66-e277-55f5-a5a8-a9cf4940125d", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4834082a-b55c-5575-bc02-721478264660", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dac4bd9e-8e15-55b2-a56a-1bd78d484a9f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb3cc2b1-e3aa-5322-8892-e871f30c4ae2", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:656de3f2-b8a0-5a08-badc-6d0776097dcd", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91222638-7880-520c-9bc0-899579620631", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:778802e0-5ca0-5ac5-9db4-a4946b103d58", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75de2500-0b0a-57ac-b07f-82b66853bda6", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0581d4d-71bb-5f83-899c-2f87ac679e60", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45ed2025-72a2-50fe-b0fa-04be45427aee", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b17f7ec-9ada-5ced-b0c0-7d63e345f410", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cdf7522-fae2-5724-8826-db0d61ce2dcd", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:339902d9-70b8-57a2-8649-0f5744ffbc1a", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d830c8e2-3c2f-59e9-8166-11bade72603f", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f55990f9-8913-5a5e-8c01-be030df2bdf9", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb0bb4f9-e680-5248-a615-51c2e0857569", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc0a7e33-6f0d-5ed1-9de9-0e858424ab64", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9330f281-2593-5f14-b857-1f0e9e1cf076", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb830471-ac1c-510b-8219-0a119d23b768", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc529a76-48fe-53d8-a102-4ee250c203a7", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49723f0f-f92e-5195-99af-1a5f5fa1a682", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:126d5328-78a2-50dc-94d5-cca9a5781cc8", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f82f0f32-b709-5725-b4f1-edc8fbc8c3a9", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a3bfdb5-3fd2-52e1-93a3-4479da6c90a0", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17d8a333-8d7c-5350-93d1-3ba92f782db6", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.1 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.25-tuxcare.1" } ] }