{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0cc151c9-42c3-59a9-8845-c87cb8215fc4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f415fcc7-883b-581b-be7c-3e7a3c87bcab", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8d026f1-e9b3-5c2e-9c89-c12e9143f96b", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c07a8f72-dab4-502e-b6a7-8818cf5361c8", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5411da6d-5a31-5a0c-8f1e-dde469d5f08f", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ec5c100-eef9-52b3-ac7c-7c1e01f553de", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42c0dabd-0794-5a9a-a0ab-f2b5ced2c306", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19ef3061-a13c-5d49-b90a-3e2d40241e4e", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0edc358-410c-51ca-9d2f-16a4f775c966", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:390f77ee-e423-5bc1-a9ad-ef452bffad76", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e132581-af1f-550c-a441-be2942579352", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c472a7b8-92df-5004-b9dd-00a125e34d45", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:419612a1-a942-5989-949c-bd3d1026aaf4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34da8fcc-f18a-5974-96ed-3a19d159cfb6", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:303d7b28-5b84-579e-8a61-328ba245cb8f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0608844d-c9f3-5408-a0af-25fc7fcdec8f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0294a54-eb9b-5db6-99b9-6f34a7f7295a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2710c73-87c8-5b2d-9d68-4383e42a2b84", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97895207-e8fd-58e3-af0c-e62a2a736fd3", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b745aa1-dc5b-5f04-9999-27cd0ec61aaa", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbbc3143-aac2-53ba-a1b3-40ac44ebf912", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1eda2aed-76b5-52d8-b97b-460136a1e13b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a030a2a-1f22-55c3-a01c-2d4038c3094d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55a80d4b-831f-5227-97be-0e6f7e594c4f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1f62c72-f9b4-5f05-8afd-2fe6c0b3a302", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:858029e7-0ee3-56d0-8c40-8f49bea12fe3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }