{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e2dafc45-4b80-5fd0-bd80-4f569c52ed4e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.3.29-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f1b22f4-7848-54f6-83b2-c5576ff2fe90", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fea16f5-39d0-5253-acef-c16ddd6f80a8", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4e44b54-5582-5ddf-b432-962db2c8d69a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e0ab642-f716-5836-b23c-a3750e2f9477", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:878b27c7-ef29-59bb-beae-d2889bbd214b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42f00833-2ada-50d3-9e89-b61deb7b996b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7562995-d88c-587b-b3f5-99ac7ee248d6", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c345557e-6966-5dff-8a8c-935378648743", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3216c679-8252-581e-b0c1-159db8389e1f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c93e886e-3549-571b-99ba-ddb4972572fb", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10f48712-9e9a-57ed-8d65-53c665b5a05d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62bcee61-b8e3-5869-b294-1eb924c9abd5", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jcl 5.3.29-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24143328-e94d-51c4-ab1a-99ba590d8918", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec832ec7-74b0-5835-9c19-fa0c8e5083e6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36da90c2-349e-581a-8642-1d9a9229957a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6708c05b-0f0b-5ec3-b4a1-054c5fe3a528", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60498f46-0a3c-57bf-9ab2-5b08d83bdfc6", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.2 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.29-tuxcare.2" } ] }