{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:689d9c0b-a83b-516d-b1ba-18b985697fcf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:494f6ab4-cf24-5141-8963-20f4173aa08e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e03b258f-f2a7-5c6f-94c6-3f4054f7e86e", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffa96db6-f19c-5ae9-94c6-11c551d32f97", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d30a6cf-ddc1-59b1-9372-48633144f4c6", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cab662af-8cfb-594d-893b-1c9bf4217925", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f14af79-862d-5f65-a524-c524ba41130d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa7190e5-0955-5710-803d-2e705313da9f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c085aeb6-f402-5bbe-a04a-270e0d22cfbc", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75deb050-47bd-500a-93e1-4fbc5bb47d97", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d184c9d2-2c68-5dfc-987f-e22717f7e548", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08e6b741-7b77-5321-9373-0f92afdb836e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72d612be-413a-52c6-8ca8-be58f17e39b5", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9849a068-6b4d-523c-989f-a68085d88259", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1196f09a-2c12-59f7-8fc1-4f37ee91e249", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4d26812-3b6b-5cf5-8510-547271fb6a61", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:817f7abe-a880-5f2b-9e77-2f4ec2ad4061", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13c65f4a-2cdf-5411-90e9-ab80f6453690", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jcl 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35ab4654-9cab-5435-bea1-cee6c6db6785", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d553a68-5067-5a37-be7c-c0e4997ea804", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29b7b407-0dc9-549a-bf7b-d3b4452a544e", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78d85654-abe7-5d69-84a0-9e40adfbc057", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:107798bc-979a-58e3-b763-b0cb33901eff", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c354d8a-b965-5678-a6cb-e28b755d4fd5", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b366ef48-f399-5fe6-a308-dee1c996d6e0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01316ebe-69cc-59e8-958e-244e4e3245f6", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.1.5.RELEASE-tuxcare.1" } ] }