{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9ef95c4b-5421-5fe0-b658-124b03d8f7a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-context-indexer", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:86905f6d-4596-5935-8447-45dc73f8d512", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6df13f9b-7d96-5adb-963a-27b99f044cb6", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec82305a-57d7-5bf0-9928-cc95cff58d2a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6edbedd-380e-5f7f-a78e-e65420fc3435", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff4925c7-7e9a-5e16-b33f-c77499fce2db", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d3e3bea-fcda-5052-ad90-aed38b3dfd00", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8c7c07a-7235-5cce-81a9-338667053bcc", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e30195f-2066-59b2-9571-6e185cfcbe4c", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:937f86a6-7741-5ad7-8183-dfb27955cb09", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9197e78-c055-5b8f-8288-c69eccfc705e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb887f55-0bee-52be-b410-fd6fb1eca560", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff2523e9-a8db-581f-88ad-05e255130ba6", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9210f91c-309f-5365-8ef7-2956465e3edf", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:081e536c-2db1-526c-9822-066146bdb849", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af9f0b19-0b06-5166-998d-16b0def03bfd", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d631bbc-33cd-5ff4-8377-9c702322e92d", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b3982d8-220c-58ac-9b37-613e4aa275d4", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-context-indexer 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9efcb7ac-81b4-5776-a457-92985d1c0ad5", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2dfd538-86d3-519f-bc2f-e83044ecc611", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a107b7f4-27fc-55d8-a61f-ce1cc27c269c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fea3f8e-a1de-5cbc-9c85-0e6521b5d6c8", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ad32bc2-d7ca-5ee0-872a-644215ea36b6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f78d4fa-501c-5f56-9a57-c412844962ae", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd458087-0cc3-532e-84b5-57cdd5d07c5a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdbb86f2-9047-515d-9103-092e88336399", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de367bed-3dfd-53bd-b598-effbb9ab72a4", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efe6edd7-2bd5-57e7-92e0-5813d0917df1", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:089afa20-17de-5dec-92b8-97dac679dbc9", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53cd2c60-8bc6-51c2-ba5a-6a84236d73ae", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdabcf7f-a8bb-5b6e-8ba3-318f0b32b139", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63391ede-a82c-5da1-b314-fd9a6551b5ce", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c1ea8e4-f901-5abc-a055-5cdfd4b39af5", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:656d89f2-8811-52f6-b4d4-bd1a627eb495", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a39f6006-8716-509b-a9ca-4757c08071e2", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd28d6b2-2ee2-51e9-b421-002c6ae8fce3", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5eb30fa-0e30-5de8-874a-5e1cc3564d31", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8992a5eb-c7c2-579c-920b-22069e75532b", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7b16939-b1db-5418-8f79-72ceb2ba7a97", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ec3e905-20b6-5762-a9a4-c9a278c9ceaa", "id": "CVE-2026-41847", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41847 does not affect version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer. not_affected \u2014 Spring Framework version 5.1.5.RELEASE-tuxcare.2 is NOT affected by CVE-2026-41847. The vulnerability exists in the Kotlin Router DSL filter function, which does not exist in version 5.1.5. The filter function was introduced in version 5.2.17+ (September 2021), after this version was released." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8c4c5f7-743a-5f91-a68c-17eb3999e883", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:676b2ea0-eb22-52c8-a188-b161f9ebd9f8", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68025fad-0b01-5cb3-a3e6-d26a134171ab", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f27ad10-114d-5327-b504-695ea51306b8", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad43dae0-432c-57a3-9a2a-532c78ddeb84", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:963e6ed7-15dd-5931-9e45-6f3f08fbcefe", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb4ffcb0-ee31-5e2d-b073-c50980b19a0e", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context-indexer." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context-indexer@5.1.5.RELEASE-tuxcare.1" } ] }