{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1422694e-39b6-5056-a0ba-2f449b8def25", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:088c0d09-2579-57df-808f-d76029282327", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:815e48fb-9599-52d7-b9e0-e9122db49384", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3af72f2-fca5-5e5b-8329-dacb444149bd", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8519a18d-c89d-5b59-8638-880354ba0ee5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0db7f00-3649-5a72-b37d-c4643498c62f", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bceda96d-2cf4-576d-b8d9-6841f072f40c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c74dcb8-faf5-54c4-acda-51e24c91a3c7", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d97b75b-8002-5699-bc8b-66d5544cdf7a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb79d288-1d34-5f2b-b390-a01451f9983c", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71bc7fae-9248-54ee-b868-81714ef20fd9", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b656e02-4a1a-5594-8416-9a8b017091ed", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7dc2342-fcc6-5625-a130-796ad8388359", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87ad76b4-48bb-5c4e-902e-d276086077d5", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.4" } ] }