{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:9b83ddf3-d48a-5c9d-a2df-71c6ac63c7a2",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-context",
      "version": "5.3.39-tuxcare.12",
      "purl": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:22355817-c1b5-5e9a-99df-4ba36a25b32c",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:100d078f-68ee-5238-8223-707451d9affa",
      "id": "CVE-2022-22968",
      "analysis": {
        "state": "not_affected",
        "detail": "Vulnerability CVE-2022-22968 does not affect version 5.3.39-tuxcare.12 of org.springframework:spring-context. Spring version 5.3.39 is not affected to CVE-2022-22968 as fix has been already already backported by the original developers"
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:589bfab8-8401-5394-b655-b26c47363289",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fd10abae-22d4-5d6e-99b5-f05890e96f51",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b063b546-6b98-5a9e-87c1-119678ea2801",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:edab011f-61ff-5519-aad4-efe19e2997bc",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ab309087-cbb7-5297-bb3e-f58d19529cce",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21bae0a4-5a1c-53b3-9999-acca835a6f7d",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-context 5.3.39-tuxcare.12."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1b792841-82a3-5c12-8cf4-4fdf57a13e19",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:576faecc-ae58-50c1-a85f-143fdb9a2319",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:90215aba-25f8-5121-ac5d-94527284bdfe",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:af852c7f-2f78-556c-aee7-7aeeeea527bf",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:49fc9faa-41c8-56a9-be6d-93ec55f5c00d",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22737 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7b6356ce-78a4-55a7-b650-b042caf7ed88",
      "id": "CVE-2026-22740",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0498da95-701d-5201-8ac5-d8811ec1b029",
      "id": "CVE-2026-22741",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22741 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1d5a8f00-7f0d-5f2e-95f0-6c049fe09a7c",
      "id": "CVE-2026-22745",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22745 is fixed in version 5.3.39-tuxcare.12 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-context@5.3.39-tuxcare.12"
    }
  ]
}