{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7f1e1987-ae5d-5187-81f0-b051e52509a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:555f3948-edc3-54a4-97ea-1989c72ce15c", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b317add-243f-5605-8722-49b97dc1dfa7", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4631f71-df8a-5a40-8da5-c4845ebae328", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acbc32b9-bca8-5b52-8c0e-67fe5d3b544d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3078255-1d17-5a0b-b62a-7c9f58b5116d", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee3fbcbe-7160-5066-b7fb-6c9c4b5b2a4f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8915fece-7c32-5625-8fb9-63ebb9e35ae9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc9be6c4-3f2d-5328-bd3f-dda55131c84f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c64c7755-181b-5a7b-a9d7-8c59b61150b2", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74757e20-b202-5daa-b0f7-b0c5cbff01ce", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e250ad2-f740-5fdf-8f91-6cae161f6229", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7556f28c-6029-57b1-8761-b851aecaba49", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a68142f-afcd-5ee7-a99e-99636e17344d", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@6.0.23-tuxcare.3" } ] }