{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e60a6da1-540f-5944-8242-03e97a5d1e75", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f415fcc7-883b-581b-be7c-3e7a3c87bcab", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8d026f1-e9b3-5c2e-9c89-c12e9143f96b", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c07a8f72-dab4-502e-b6a7-8818cf5361c8", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5411da6d-5a31-5a0c-8f1e-dde469d5f08f", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ec5c100-eef9-52b3-ac7c-7c1e01f553de", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42c0dabd-0794-5a9a-a0ab-f2b5ced2c306", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19ef3061-a13c-5d49-b90a-3e2d40241e4e", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0edc358-410c-51ca-9d2f-16a4f775c966", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:390f77ee-e423-5bc1-a9ad-ef452bffad76", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e132581-af1f-550c-a441-be2942579352", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c472a7b8-92df-5004-b9dd-00a125e34d45", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:419612a1-a942-5989-949c-bd3d1026aaf4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34da8fcc-f18a-5974-96ed-3a19d159cfb6", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:303d7b28-5b84-579e-8a61-328ba245cb8f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0608844d-c9f3-5408-a0af-25fc7fcdec8f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0294a54-eb9b-5db6-99b9-6f34a7f7295a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2710c73-87c8-5b2d-9d68-4383e42a2b84", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97895207-e8fd-58e3-af0c-e62a2a736fd3", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b745aa1-dc5b-5f04-9999-27cd0ec61aaa", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbbc3143-aac2-53ba-a1b3-40ac44ebf912", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1eda2aed-76b5-52d8-b97b-460136a1e13b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a030a2a-1f22-55c3-a01c-2d4038c3094d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55a80d4b-831f-5227-97be-0e6f7e594c4f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1f62c72-f9b4-5f05-8afd-2fe6c0b3a302", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jcl 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:858029e7-0ee3-56d0-8c40-8f49bea12fe3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:950f5ccb-1730-57a3-8d31-8f21077a1f33", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbd5745f-98e7-5d23-ad19-1aaba663a145", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7649cd29-661c-574d-83db-950229f0afdd", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:519e2b79-6413-5164-8b7c-3a73cb12477d", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29d2040a-5637-56a1-ac9b-b78385bc6715", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:269160c8-13e4-5dde-92c4-2d135addc25d", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5ce6639-7979-5297-a6b8-162b903ade7e", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69d44b7b-8bae-5808-aab1-e05732b6f8b8", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68bfc9f3-cd7e-50b1-8b31-4d24acd6beb8", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f94cdd3e-5bef-58c5-86b9-fd913e715d8b", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ce3f29f-981f-59ea-bfca-efc5dad2781e", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a39f52f0-ae98-5e8f-8505-dae1d7826ee3", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae3beec9-f202-529f-a436-4a500e31fc1f", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:452a5e65-9eb4-5211-aa82-5e19aa326edc", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77e8b146-ca5c-5854-b2bd-be5bdf956b81", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8e803fb-e9e8-5b85-8fdf-ecd06ca8a356", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:566346f3-239f-5eec-906d-62fefa14b27e", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e0f335e-a676-51e9-b74e-42fb2b6e5766", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0eb40aa-cb17-5312-8fb6-f010873b4a47", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3463bd9-0d3a-5b29-8ae7-0900f9db518a", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.2.0.RELEASE-tuxcare.3" } ] }