{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:4122fb6a-f5aa-528b-abc2-96524968d178",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-context",
      "version": "5.3.39.tuxcare.6",
      "purl": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:c62f2f1b-ebbb-59b8-bcfe-e99d5d098ad4",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:967522c1-c6c8-5faa-9f73-f08052413b29",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5adaee6f-5368-5cc9-95dd-1c71e8b74a40",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6bf5d979-feac-51cc-bdf8-a06aef212846",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:507c69b6-9f53-547f-8faa-505490c5b3cf",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1bb2e3b3-2903-5b93-8f40-80503d214167",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7971e766-6d41-5e5d-b9fa-d31d37314e9c",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-context 5.3.39.tuxcare.6."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3a04292a-4f78-506b-93d1-28ba8b0a5462",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:007f1ffd-6aca-5ea1-8e56-ad94a467d95d",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a6722219-6151-5d22-9369-12e321a4e9bc",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:52890335-5ff5-509d-b988-2a90f4a03655",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2a44d708-6e96-5bbf-a730-78a2c20be61f",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.6 of org.springframework:spring-context."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-context@5.3.39.tuxcare.6"
    }
  ]
}