{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:398371cc-5466-51ec-bdda-c9fcba71bdb8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1", "type": "library", "group": "com.fasterxml.jackson.core", "name": "jackson-databind", "version": "2.12.1-tuxcare.1", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:307cb397-16f3-5769-b9df-d63aff179944", "id": "CVE-2020-36518", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-36518 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54609435-e5e0-5f98-9963-409237264e97", "id": "CVE-2021-46877", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-46877 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2146f17-1bf6-537d-be06-a74f4713b00e", "id": "CVE-2022-42003", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42003 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:debb5fcb-c1e3-5624-ad9b-621664819699", "id": "CVE-2022-42004", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42004 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88d10a17-f540-5235-ba5d-1a72f2f41d7a", "id": "CVE-2023-35116", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-35116 affects version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d63b5e8-faa1-57cd-b76e-5ed125850446", "id": "CVE-2025-49128", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49128 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f402dc15-caf1-53b7-9262-c6723de2e918", "id": "CVE-2025-52999", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52999 is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:701c7200-e674-5902-87bd-1784e861b97a", "id": "GHSA-72hv-8253-57qq", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-72hv-8253-57qq is fixed in version 2.12.1-tuxcare.1 of com.fasterxml.jackson.core:jackson-databind." }, "affects": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.1-tuxcare.1" } ] }