{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d365be38-8819-5eef-96e9-a205500d4166", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ab75cb9a-e502-5fb5-a9ad-647e510d7078", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8973deeb-1756-51bc-80dd-4deeb950fa92", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:122a2c74-5ab6-54df-91a2-fbcee6aeba5f", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8453d68-1096-54cf-b1df-89883ae7e449", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7138e8c0-2bfa-5b30-b2df-a6971d8dccca", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c2d47a0-a0cf-54e7-a93c-cfca4d87024c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce56574d-6611-54b5-975a-c7dcbd1ccb1a", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30f59bc8-eb14-5d38-bdd9-268c2b9d24b1", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecad62d1-8544-5d03-9c49-81abced8b135", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c8e75a6-cab8-53c7-a4fd-649ec65347ee", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6359482-3838-520f-9dc9-60a949b4d0b7", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:419c46bb-c87c-5525-96f1-4ff619dc670a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88dc951e-38bb-59de-ae0e-6998dca889d8", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5360b9d-9145-50a2-a266-e39938bbcbe0", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffa01dfa-2b7a-5738-b16d-88e8e7bc8db3", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34062058-7965-5799-8b2a-e865169cacdb", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff7f5bda-4558-5ac8-aa33-fb6f5a149a40", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50c45b23-e4d8-599f-84fc-94aba23dd40e", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02ff331f-916b-5a40-9f62-fc4a793ee3dd", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23489a1a-8dbe-5f5b-90fa-a8a43c73625f", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:114469ed-37a8-57b0-8a08-365930e4d7d5", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebf89961-8c2b-50d9-ab59-1131aaaffac3", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1df5f9d7-1eb2-5312-a538-5fbb9dd252b9", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ed4e795-a000-5261-8a77-039f2fd1137b", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e81f31b7-159b-5c42-acb8-105f14e05308", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-context. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fa7981c-ff21-5173-a8fa-aac554ce4fa6", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c93da37d-1020-5a9e-ad56-68005a82d075", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4bfaf54-099a-533d-b9f9-ee0214fd1ccb", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2414b1c-aa35-53f2-bc64-755dbe2632ad", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d188c8a6-7085-526e-8814-6c74c46f662c", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29ced904-dd89-51b6-818d-2edb4bcc98d6", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8b244d3-4605-5792-83d7-ace5903aa150", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bafe613-62dc-5dfc-ab81-b16357a1581a", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c06ca56a-6353-5934-a5aa-984937615d3c", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6f62df5-972e-5363-b355-b8b616468665", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbd27e92-2c87-50b3-8d1a-fbc4287a5663", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b78b853-7cc5-506a-b751-dd3072570408", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4739208c-ae1a-5368-afbb-d9d732848541", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e910dbd-123a-55b9-8365-526df6aa2dde", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.3.24-tuxcare.3" } ] }