{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e01f051e-cd89-5de1-b7f0-3ea64b3b2f02", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-tx", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f166f93e-2e4d-5bce-9d13-948dea7c748a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54e510e2-ee0d-5fd7-b9d8-1a56b666e5b9", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:494b6d91-e599-57ad-991d-1797e477b49f", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cf43d77-d17a-5620-8a05-6bdfc17171fd", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f645635c-c64e-5cc3-a3b3-c76a04cdd330", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41567c4d-0473-5cdc-b928-d369e8cb40c6", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f139a7d-9456-5f6c-9fb9-f31d74a5dffa", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:857180a0-a4cf-55cf-ba50-f45d69afca58", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9832e83-f243-5de7-a8b9-a4bb7e27b3b0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3cb12396-cef6-5f58-977c-387b5933bb01", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b60195d-7cea-5e16-a6ef-374b875aef7f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75c0f8ce-d673-5ead-8a39-ff217d6a4f76", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bfe4b1d-0a86-54dd-b7f1-9ad1653da594", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbdd6741-b189-5166-8230-2e183d7db80b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6caa0e2a-1275-5787-9d19-574fcca6e67b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc4059c5-6c77-549e-8591-5b7c8e757528", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff5111dc-f027-5c5b-883f-f4f6a5566d94", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e883a27e-abb9-5458-adf2-d50f9a89c7ee", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:522372bb-b592-5b92-8063-11df5c9a53b9", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-tx 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78cd1553-fb85-5da5-afe2-be15e14b2848", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63797bdd-a419-54cb-b172-add1514bec62", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46829c8d-1a79-5483-9e60-92aa6ffc1707", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3f063d8-d12b-5f54-b2fc-39428eae8f22", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a85d5bd-fbf4-5964-baf5-8275ad2983a3", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-tx 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abce6908-93c7-55b9-9cc6-ea51ff1d37e2", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a6979e4-c3de-5dcf-8aaa-73d4352fe0d3", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d1767ce-d026-5f59-818e-852165bb6c7a", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8ee36bc-02fd-543a-8f5a-4e4a72ec7c84", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f11bd228-70eb-5880-ac29-cf799d76476a", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fbd795a-8536-51d3-b02b-2b9e97795302", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84ca2e37-0136-5809-8a79-9d15f38e0d89", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c004da1a-7469-52a5-af92-f2d01ed6b36d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4604266f-6049-5f41-9acf-c9f581a1e3ec", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ff6a00a-72c6-545d-a610-bfb466daf5dc", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa95f2b1-780b-53c7-a90f-a0ba40e4f775", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dce1f928-3a47-5944-af87-e514ca4b1783", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f45526eb-dcec-59f9-916b-caf875d912d9", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73ff54fc-6367-53fa-9cc5-811867daba79", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b2a72b3-15d1-5723-b9e6-f171d58aaece", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3686938a-555a-56c4-aa88-f6a6120c8bfa", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38e1bb67-6c46-52df-b733-37671d8afa41", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4eab119-ab9d-52a2-af62-bd0e94d0797d", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35433126-b868-5fb4-9454-a21c7f60fb7e", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aff17c42-7937-520e-866b-e0b6a5ad21b0", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:377791c6-1c33-575e-8ab7-c9652b36c605", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-tx." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-tx@5.2.0.RELEASE-tuxcare.3" } ] }