{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a8316d9-02d1-5417-9d75-d4e24ff03407", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "6.0.23-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:44d6a91a-2446-5771-b433-694c7dafb889", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02892514-53d2-5b51-bc22-a52f470e52ac", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3813bd6-ecfa-5d62-9629-82c5cbd8e877", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:291ad92c-34e7-5327-87a2-7b2b1e39f8c9", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:650563b9-a5ae-504b-b839-a41bb230215f", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d92d031-3062-546c-a1c8-10743a161288", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e26e16f5-870b-5968-8710-45e9b69bcb71", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95316f79-ea80-5b43-9222-8c69e67f4d2b", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd7dc4dd-5009-5540-a106-aa0aff0a2337", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2a5f06d-e560-534c-a13e-33bdfdf53434", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@6.0.23-tuxcare.1" } ] }