{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f079a72a-c6ac-5c09-870d-17fc481fe2e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jcl", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9273049e-9ad9-5ac8-a36b-aaad28793bfe", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ba791da-e01e-53bd-aa86-bf54d45d2556", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd7fad30-665d-5251-a28d-4e65687121e1", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45669249-e3d5-5ba8-8075-582d25dd05cb", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44115e51-7e95-5b30-8f6d-ffe13cc103b3", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d024a15-709e-5b6b-afd4-0063af70cefa", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55d94dfb-06b3-5ac6-bc10-4f3a6ad36e27", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89de52b2-297e-53be-9a1c-b9aaaf7304a7", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6ad1340-832e-5b74-bdd6-803ca2d1508b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28147c2f-61c0-5ef8-8657-cc950520aa85", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74f984f8-7a6e-5d13-886f-3e72da3e5d6a", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:635c422d-e9a5-56f3-ae3b-62689c53e326", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5d63480-b502-5c3d-9a02-26dc2e828a14", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f60c9997-b9a2-5ce8-b71a-15c04966a410", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e55df5b1-9ea4-5023-9cbb-db978018e906", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0951814c-3ef1-59a3-863e-7b86bce0f1a6", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6e98feb-df19-5900-8da1-5fcd129a9a4c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cbf2d8f-3c38-556f-8900-0cf7bdf1cf4b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cad33fd-f1b0-5372-b893-c314f2a03098", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84754f4e-c12b-5638-a1bc-f44e901a979d", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e474305-9fa4-5925-aac5-93dbc945d431", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9497026-e550-5d60-8c73-2f42de2a54b6", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20c51f7c-0bc4-5f7c-bebf-b2eac876aa07", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:896ac64a-ab94-51c4-a82c-569a017a7235", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c12cfdff-f0ec-5ce1-b85d-9d728789d39d", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-jcl. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75ba4b9d-1ba5-5e3d-a2c3-adade530744d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9017a798-153a-56da-851b-5d372d33a8c6", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99346942-8838-5cbc-8c86-b439b8c24db3", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdff2f1f-b3a2-5344-8ae9-4e53cff8aab1", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f67bd3ae-7738-5870-ab58-f08ae050601b", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac92e4b8-eb52-535f-821f-69ef6a249b0c", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d06af1c0-642a-5782-ba39-af6593a87454", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4548418-fdc3-5895-8846-f59ee708df6d", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56953e08-a0d6-56f2-9ca5-41374c7d912d", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6416cae-cbdc-59b3-b6c1-7f6773f23cce", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6d33002-2a05-5c7e-9cc2-c0981fc61ee6", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b34cad9-a409-56c7-bdc1-296bbb51c9b4", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd7d33cf-104e-5e71-a0cd-f70dc8c76340", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad1a35ed-48b2-574e-9510-b2083219d814", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jcl." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jcl@5.3.24-tuxcare.3" } ] }