{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b0ac518a-d4a5-54d5-aa81-f3b6ae87b575", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-context-indexer", "version": "5.3.39.tuxcare.5", "purl": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9d7653c6-3b52-5cc8-b598-d6490b5e8f89", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4a18f44-ca0f-56c6-a8c0-8253b3ff5e79", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c36ae43-9714-57a2-9532-a00fe28df32f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:408dd682-88dd-5128-a3b8-79b47b5a99d6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d01efa1-2a6b-5e70-93bc-cf5a8788611a", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:802c754a-f95f-524d-b9a5-1666e35af75a", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78010412-9226-5981-a091-b4bae6dbfe48", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-context-indexer 5.3.39.tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab740376-c699-5b16-9512-87557aa6001f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e4ad9df-8b7e-520b-8043-69b4bedc2692", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af8a5f6c-b118-5811-b15d-19696d75d2ec", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7045f3d9-306a-55e4-9ba3-5eae23e256c8", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a1655273-75bb-5e9e-9d21-b73487bab2c0", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.5 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.3.39.tuxcare.5" } ] }