{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fbc541fa-dd44-5a99-882d-493f27225d4e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.3.31-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:99978e4d-e9df-5fed-a681-9abf3e0d1bec", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:feba4f34-2234-5719-833f-1ed0d29f531f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b05e46ce-ed21-5dc8-84d7-ecb20d5a4fd7", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1156ec3c-481f-5e9a-ae41-987c244f1380", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2813d95d-c9aa-5caa-8a3d-67740a5acce4", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ef9389f-0c8a-53cc-aa67-cc3e08d238aa", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4ad4a0b-2f61-5107-a4ea-5ddc1c339023", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e225e6cf-ea0a-549a-8d8f-de35690f4098", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09f80c42-e478-5cf8-872e-126fb2b48716", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6391cf41-b4ae-5e70-a7ae-64a086b88c26", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97137771-88b8-5a49-a9bb-b0e735cb8ab7", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fac4451-eeb8-5185-8a13-bc1cbcaeea18", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jcl 5.3.31-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2513a9f2-96a7-58c1-aa53-0f9e878f8b9d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9efc9d6f-7603-5b05-a4b5-94a561165e4a", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5102719d-29cb-5f86-9d71-8a508c5be897", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:423e163d-58de-55f5-8ff0-a991e128e134", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44e5fd0c-fd87-5a5c-a75d-666aa6e4b047", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8868a81d-d6c3-58eb-9203-0521c7622d91", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a88af8c8-5d92-5648-996e-5a49a176c6ed", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c32c9135-44a7-5840-a7be-badc935cb21f", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.31-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31-tuxcare.3" } ] }