{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:468a67fc-3d9d-5d6d-95c1-511b9a32a27b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.3.31.tuxcare", "purl": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fb893950-9d8b-5a25-9128-5ed956e06e10", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:eed15d1e-09d7-50a7-885a-54ed98c8f453", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:01c5f09c-6dff-5836-ace2-aae231405960", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:95ff2d69-c0d0-5138-a7c7-a0ed4beadac1", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:9152efaf-503b-550c-afdb-2f33d1723761", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:5114b89f-340d-57ae-a5dc-8ea25a86f340", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:016a9db7-9639-5978-a4a6-f752e8949d73", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:5a229b3e-486f-53be-bdaa-24db1f0d052d", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:c5cb915f-d03c-5739-acca-5affbf102a7e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:059773db-a1a9-555c-a5c3-c1608f6b6165", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:0a170a46-25e9-5bab-b2ea-5bca879152fc", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:6c7040da-5a77-5a13-9f2f-bc1af5b003d3", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jcl 5.3.31.tuxcare." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:60e8ec20-3c35-587c-86da-28328147f79f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:f17f311f-48dd-5630-a913-57c1b9c3a1da", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:f6f3d4af-7745-59b1-94a4-466f7552ef14", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:95808788-0176-58e5-a2f8-39c2a074aa77", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:c392d799-a574-5ad4-8235-7d482a1e6657", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31.tuxcare of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.31.tuxcare" } ] }