{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c41e908-bcbc-5bc4-880d-ff809206cb1c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cbe8a155-5a79-5742-b2bc-eede8c02f0da", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22b1406e-2f42-51c4-9daf-d32e84145da0", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:710dadfc-6bf2-526b-ad80-8a57ff868d8c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:566815eb-4a53-53a7-a412-32ba7ca9244e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84b67233-745d-5dda-806a-7bc258905aee", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc0ef101-bfad-5388-ac24-a2b4098ae86f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c35e81f-b0e7-5100-b6bc-ac144adde1b1", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ca52756-e215-5d51-8225-ece77cfa282d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:679cfeef-76d2-5713-ad11-6e95c35e87f7", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9387357-fcc0-5f0c-a02b-b8e7b28ca808", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b913e3f6-d949-5b97-9850-9857ce83a419", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c18cf9d-347d-5bef-b04e-258ff57bedc2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81a4a695-9816-5865-a440-f34aad7df21e", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:087e9d35-8f93-582a-984d-7b57122d0ee4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e7bd14d-58b1-5e40-9d92-5587a5ef10d2", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:947e441c-066f-5ac4-a343-b6cc95b188da", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:217e40b4-ec30-5f5b-9b33-506c366857b7", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a78f4313-8f51-5256-a9a0-83a1072345f0", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d4c2f5e-2942-5e7d-9274-83462ec30d80", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b623596d-8237-5d89-b58f-456bed059e78", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8bd0a42-f07c-52fa-96e6-00d1104634b5", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0f1f32a-877f-5f2c-a25c-d3bbbacb94b6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:686a3301-af32-53f7-9d2c-431413379563", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.13.RELEASE-tuxcare.2" } ] }