{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f7173253-5641-5841-ab45-95f9302236d5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-orm", "version": "5.3.27-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e8b48ff5-8412-5c18-bcb7-2ddb65791098", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49f4c09d-ef3a-50a2-89f9-3197cccb02da", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:536f0b4f-6ad0-5ebc-a557-72914ba8cfb6", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad41b868-5f1f-5594-add2-89520c5c0f6a", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6b6de46-1063-5b12-b949-767355b8d45d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:adc83419-7d21-5dfd-82ed-a40af486e95a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c4a24b9-1ea4-5f61-afb9-a79bc94e6a20", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be00c57e-7eda-52b3-bad6-8631bc79fdd7", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1f39d17-a326-58aa-8175-665ece575468", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6e1c59f-48b6-5bd6-97a0-13fba8c59f94", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:279ef91f-ed78-53f7-8a22-75c1f07cc1fe", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5506ed8-fdaa-56f9-b707-befb29f3c990", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-orm 5.3.27-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af4e570f-7c9b-57d5-8164-6a6fe727b2f4", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93505cdb-a20b-50b9-901f-416649dd9378", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7fa51df-15ae-5e0a-bf2b-b68cdf5f0969", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:659b9705-4235-5bad-b895-81d414888422", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37f0f446-b864-5be4-8ffa-5a53fc4d18eb", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.4 of org.springframework:spring-orm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-orm@5.3.27-tuxcare.4" } ] }