{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fb92dc3f-3712-5a42-ae81-f71c3a7ebede", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:94bdc4b9-4dd9-5d52-aabf-aeff8c70f60b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62b0bbf8-a897-51a5-bfe1-6a309ce7c2b7", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76499b44-b410-5ed2-8230-3147432c2607", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c3952d1-794c-5aec-929b-029c7208217e", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91b81fd4-689c-5286-9e1f-01865079c425", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5da66c6-9aaa-50c8-9a91-151e42879bbb", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73dafeb8-a6bb-5ae7-bf13-f34f0ff6f8bd", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7397cd7d-e2a3-5bb9-95af-718c95e27155", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c9c04ce-a1ce-50dc-ad47-de0600808efb", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fdb39e3-c9dd-54a0-b2a0-8bd91813f90e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2f25c3e-6f10-51b2-8656-70d4d3d83eb1", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d9ac186-fbdd-5d17-b8bc-3f02e06cf692", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3eeb69d9-af41-5d3b-9cfc-ceeff2d2dfb5", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42ed1d28-9c30-5bcd-b07a-7cc9d060b232", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13bc4768-83b9-527d-b0ae-f5491456f87a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18bc94ae-1be9-5638-a2a7-7b749272ed7e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27fb356a-35c9-529a-b300-8ea72ac3c55d", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:956dcb85-ab69-56fc-ba1f-e5b4381a2f88", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5c6c4ba-d112-59f8-813b-0533f4e99584", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ed189e6-10ec-5128-aa12-0b76ff17d394", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67cc2c2c-f04b-58e6-8a92-cb4ce9aa2f5a", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54d396f2-8091-5755-ab46-87f8cccc3f5f", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jcl 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b71899bc-7085-5629-90e6-4f82dca3a21a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5f5cb1d-a5b6-5275-8111-037cfe2dc989", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04201a38-b629-5fef-b23a-c229375cf975", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bef3c09c-cc60-56c7-97c3-0cf73c26e9e8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb636ce5-f366-52d0-9da2-94b9227a8deb", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.7-tuxcare.1" } ] }