{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:614b576c-c568-5f85-b00d-1447197e23a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3f2639c8-e4ab-5387-a941-3950b499eead", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:306966cb-53f1-5443-bc33-4abaf12651cc", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c92a95b-c3cc-5437-97e3-8299bc6da0cc", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49c9b53b-d31b-5224-b091-3ea65a7a5f19", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d5f6935-80f1-5a0f-87f5-41bb4253162d", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54619c16-5635-5e76-9b68-e1348b3b158f", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da3803f6-3008-5090-a624-f7a3d1688cea", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1bc6e97-28d9-5670-98b6-cda009e90542", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c19e252a-b7db-59f4-9180-1f2a5d733513", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:edfd5354-4c80-5881-b3b5-7cf3ff5afaf5", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91ae546e-cfdc-58c6-8a45-9fda823c008e", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11a70c00-f16a-5549-95cc-ad55dda9fb1d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1e71c66-8d7b-5ed1-bbcc-50f5c938cee4", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66ef2457-7a8d-5b19-ae6e-5be032a7ec65", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c580a36-5b7d-5b42-b89a-a4eef75ef6d5", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a2c8dfe-3691-5c9b-894a-1568f0540fc8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2119578d-1b0a-5ff1-9ef6-b78c9392616d", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c79bb717-533f-5dfd-8e98-6f123f2abf3f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ac016d2-001e-547b-b2e2-b0892d224a43", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-context 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71e5c5ec-949d-5ccd-aa6e-5aaaf74fbdb6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8c4a58a-ade5-583f-bc5a-1c7d396f5f5e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d736d051-6fad-5ab1-a133-13490cc72334", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:721a166e-aa35-5188-9e34-49af55474ecd", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6f03efb-ac6a-57f8-8cad-93e55c33c35e", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-context 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b26af8f4-d5c6-55a2-965e-83b91cdf6e82", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.2.0.RELEASE-tuxcare.3" } ] }