{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f02038dd-af6a-5b33-b5dd-5b63b8be968e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:704e8d4b-b163-59c1-90c0-83a65df667c8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8167409-822f-5bc2-9d57-c6f31bf959a0", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55725d35-957c-5a52-a18d-7f0953998d79", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58745e4a-97de-5051-9d80-5dba1a4de0f4", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6776d53-cf40-528e-9539-72899a7bab82", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e2648d7-b4b2-5e91-8bd0-de9df654cbb9", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:455a6eae-e9c3-5a9c-92ab-13b0054958d3", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47c5e751-3f0a-5fab-8ff9-9f9ae3118f23", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c6b7f88-28d5-5fae-9eb1-67ad88064561", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2ef54d2-b5ba-5799-8cc9-b68104b3ae76", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b2a80e7-8202-5599-9623-b0cb3e99a424", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2c99f0d-e7df-516c-83d3-c4bd05142ac5", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fc13e0f-e626-508c-87bb-c7e31ce2f432", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71cad607-f636-5096-85a4-d18d03a0a925", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf1e896b-c0a6-5ac7-a52e-26b113782ee0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f936d78-c4fc-55fe-bf13-8d4ac7f90228", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ff661a0-eaf2-55dd-8c00-1da8c886a73f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0351c879-3ff4-5f93-9ba3-1dede55511e5", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1efaa4a-89f3-5e77-a251-30f9d3d66d4c", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6c979b1-ac91-5769-9962-677dc293dba5", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f41cbf0-2658-59df-a20b-c9cce40bcfa4", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26ab4edf-6a57-5f16-83f0-f3bde8758a5d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee96298d-8111-5abe-8147-d5089aa5b63e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.1" } ] }