{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:932842f4-1966-5f97-9e13-72b8c8e2cb37", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:91802117-6cff-5dbf-9e87-943b3bf567f8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b30a75c-10c1-5ce6-a687-66afc4029881", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46d98146-de08-50e5-9546-6aec4a51fb55", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2043a55b-eef4-5159-af5e-779682e07706", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6415da74-cb5b-5a46-a0dc-01ce079c4ecd", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d80bd6e2-b808-5de5-8628-7888346d0edb", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68455236-161d-5ec0-8d99-0a4aca01f190", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2948a060-c4e1-561b-af2c-d417ffdb14fa", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dd7e419-703f-592b-8e6f-72b07a75b421", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67b08cb3-256d-5eee-8b2b-cb16ac3127b0", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c43d29dd-6f91-5a5e-a797-a9f6e2e2dcdb", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccf15fb5-0579-5dd4-bf43-a905431a76c1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f1d1a8e-5dbd-549a-9f2c-a8555dc77c4c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d95dbc93-5ea6-52fa-8074-6195936bdd15", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f44ff03-ba1f-57f8-b8da-7c0afb5d4b94", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b21d864-e3a1-54f0-9cba-fc2fad9fd0b4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36425e45-27bc-5d23-9cb2-1437c2d68e5e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:982bbddf-2508-5713-b525-1d98917b87af", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88e4652c-8703-5000-b3c4-eff088a20ed1", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-context 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f81de7de-9f23-5388-9b12-de7079a18694", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edc4d080-6e1a-540e-a14d-7035f9ecb9eb", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6f389c2-620e-5d6a-9659-cc66dd20eca2", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ea7966e-ad25-5f8f-9478-d5104dbc22be", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5d183b0-3c91-5801-8d4a-34b64167fe2f", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-context 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3b199fb-6eaa-5db5-94bb-dd483feb5c66", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.2" } ] }