{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:63025c13-1c58-5328-a4fe-5eb878fde9b4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.3.37-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7a43d333-9ecd-5372-996f-d7f8540ffacc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c916b5ff-975a-51f8-a830-304eb7f6dc6b", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a205c365-a161-5486-be73-fda48e51ca10", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0de922a5-ec30-5b49-8465-4e19a05ae5bd", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29528eda-a15f-54ad-b855-646ac89b0e54", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a0289e9-d47a-51b1-82e3-16f6cce2e45f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:826901b7-a092-59f8-9b8d-57fab60d6d57", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9e548fc-4ff0-5f67-b5c6-26fdff0912c6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfaf2a1f-d4d4-5f23-a5f5-24b2557dde81", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76511f30-048e-55a8-a2dc-2932890f3240", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:656df036-86f2-5c37-b48d-3a0c5cd05080", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6170d93c-5fa8-58c1-806a-fd7d3e46ac63", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba2f5bf2-f1ed-5335-8c81-9f0e012ec7e7", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.2" } ] }