{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cea2bb98-7b6b-5ffb-9581-319b584d6f3b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2036adf6-cb8f-5d7c-a8f4-2f4fe4bbb4a3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:877e80bb-9973-505b-85c6-52b2137c25ee", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:482a1e98-0d48-5e60-b0d3-b83cec0d1fbf", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fccf344-9cbd-52d9-8d7e-2b329c64af79", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fedb4b58-d29a-52e8-9f64-aa07a116ccb7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41fa76a6-c809-56c1-abfa-9990a8d4e971", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:771643f0-b894-5096-bc77-1c2f6d36a343", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be420b9a-dff0-52cd-bc26-6c02d3d67151", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be536a5b-2adc-58d3-9945-95dc65c2edcc", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaa13151-aa14-5497-8aa4-685bb142349f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce0288b6-9cec-528d-8345-460d90ff866c", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cef71548-4f22-5c19-988c-194d5a7fa213", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fce1e439-62da-5172-b8c5-cf4c8cf41698", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d9cda3-868f-503b-b29e-d70e8a68e0fc", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc1209fe-104a-5a6f-a2cc-b87159e887b1", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56636f1b-1473-565a-960a-ff53fc1f037e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16ce41d8-cd9a-56cc-857f-7a155027d927", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7923b512-54cb-53d7-9850-30f3949d702f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04b91d54-6f52-5bff-9d60-a02d53a011d1", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e82daec-0b5e-5389-8274-5d4f3e366b7a", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eec54465-dff6-551c-b96c-35c722cf7b0c", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c0c7328-1881-509a-8c32-8916e14cfdf9", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-context 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e98a6ed9-c5bc-5ecc-8567-ebd9292bcd56", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b945b3d8-c2de-5842-bf1b-546bd071ea87", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69a0394a-20e7-5335-860b-4e65dd557b14", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4aef8bfd-be1a-54a2-912d-5b747634183a", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57f21b6d-a020-5192-9e2e-892cfeb326ab", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.1" } ] }