{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2720630e-7b01-54bd-a345-bcb08f679b44", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0d0206ae-77ba-50d4-99c8-ddc1d2faea39", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef864250-656e-5f38-922d-cc26d7d1438b", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abea7430-cff3-553f-9a6e-c1c540f5ee9d", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e16bb5d-18a2-5894-89a1-d83d4efe1914", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35bd6ce6-6482-5b27-872d-78c23e3bfd3b", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58695148-be17-51c0-880e-f72b19c3da47", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91b6feae-482c-5938-bc2e-f0de0e85c00c", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9555943b-bcfc-557e-bbe7-401c561dd597", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ce34fd2-0988-5623-a9bc-ea4a9139fa66", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c3daec0-4da6-5f7c-afe9-ce0edf4b2537", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30e778ae-6517-5129-8e77-9bca0dfe626f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d225381f-edc0-557c-bee0-6a778d9b18ac", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:366ab98a-644f-5167-8645-d314d9e309d0", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22683037-2a20-5453-817d-e61de7782947", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a9e2fe9-f4d4-5764-8ef9-8acb4112102f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92a88fd1-a1ae-53ac-8e7c-384aa4e0b946", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9225b6cf-9535-56dc-9129-42d9f771f977", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83b4df07-374d-5085-8f7a-15b6879239ea", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdf4a712-8949-5607-ab27-63232f27fe11", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2858d58a-e6e2-5bf8-af9c-406548a1ed9b", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eeab789c-4cdb-5e42-8637-2cd3bbc2c351", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cc488af-f304-5eb4-b451-9a26eca2b84f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddd39abc-91e1-5100-a377-5949232d107d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21938983-0b07-53de-abc5-9807cd5e1e05", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6db55a27-98a5-5b9d-961a-5983759a36c3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.2" } ] }