{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ad4ee158-5533-5267-a07b-f3e53f9eaa4b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4ecaf10b-e98f-571a-bbb0-3da865b9952f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94eea8fc-99bb-5541-a1c8-6435a0516a9c", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97588340-8af9-5776-a0a9-9fa8729b1a18", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c1fa9d5-db1a-5cc8-bcf2-311f94c4fd4d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cecc08f-abe5-531d-8da3-9b8cd7343a0a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21613406-d6d3-5011-8fb9-d6c8420e7a2a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3211e1b-d229-58c4-92ce-24a4d5c77c61", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fbd0c36-a2e9-57da-8502-f28947563ea3", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:676842f1-691d-5245-b9f0-5c80088ddf94", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e305312f-13c5-5aba-a13f-6260b4def852", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4981c438-ad02-587b-92ef-44f159790adc", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06618c69-a0a2-56aa-86f2-ed30b66e8a59", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3866349d-a71d-5645-b657-774220f8a845", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f75b8b07-e3b2-5f8e-9827-594fff43063c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:711f8318-bf0c-5249-91c2-48645459587a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a193a1b-0eaf-5d87-81d4-ad7f97a0a984", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4bc7b08-4b01-5202-b516-3951716ae550", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc33c4f5-c606-5369-9b75-225693c98ba0", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f5e7b3b-3a0d-587f-b49e-871973547782", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c5c4501-fb3b-5588-b016-aea4e4638dae", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac02f8a0-0356-50cc-bc15-9875fe804260", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc3ab7a2-aa18-56ed-8eff-1c106baef0a0", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-context 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77acc93c-76c0-59b3-a20c-f7cc47b38e80", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fdc8a71-fb42-5459-acca-545b0e8acce1", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b6d4884-784a-55fa-80b6-909d3f6421ec", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12ac1ad6-80b0-5814-a3c2-b4237247f021", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:322e898c-d290-569e-bbe3-a53d2e1bf97f", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.7-tuxcare.2" } ] }