{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9dc71d56-c54d-5c9a-a64d-448f30e8576e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.3.37-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed9a04b7-c18c-5c3e-ab07-77d3039b5f32", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2b2c388-8d39-5ca0-9cbf-6833ab2a623a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f69b716b-3a3e-5e40-83b9-8b1663aa97a3", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da4ab5b5-800e-5f51-a851-8f1479eb75a8", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1611bcf3-8c4c-548b-94e5-d8c4a8265981", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43447f40-763e-5b83-a796-1870023408c1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84611e12-b36c-5fac-8008-81e09ddc4059", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8eab12d-04d5-542a-9813-d835ef09f782", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b6ff1fb-6ae9-528d-9721-1385779f494f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8042a0a4-8222-5a5d-9428-65b5a45fdec9", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:390f8f20-dedb-5873-b4f2-079afc96308e", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d406a359-c308-5271-88c7-47a7105d42e6", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cfaf9452-1923-5498-8991-bb9e778c4d59", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.37-tuxcare.3" } ] }