{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5739fe21-792c-5e7e-88ac-ce542279b928", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-context-support", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c269e064-dc25-5dc7-a817-2675b020b3ef", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad695a2a-948c-5d4c-99f1-fe9a23f3cf4c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3292159a-9b42-5b0c-b5a4-1f73f0ed65db", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3822d85e-547e-5147-884b-abdab0ab2581", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:359b5a88-ac8a-5cf3-a0d5-306105d30bde", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8518dd89-0a47-577a-ba62-be531d9e2bba", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ee980b4-61da-5f84-9e68-abbc4216eaad", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3ab7564-21ea-50a5-84d8-9930354742ba", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:902ef96a-40d9-50c3-b589-bdd634b9508a", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:239e05ee-6301-58eb-bfef-a4e104eddf55", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d981d8d4-c6c5-54b3-9c41-149d25a3353c", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bb0c515-96e2-5243-915e-73b91bb9cd1e", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10c60e3a-4bc0-5bf6-856e-e310d80314c3", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1906bd14-0865-50d6-8f6a-c39703b46632", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5b98ade-d663-5e19-8fa1-1df9b8f226be", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1582f24-a955-5f74-870a-2964115674ee", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a56d639f-61b8-5a01-ace6-d5f532b63c47", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61886710-69f7-5eba-8623-b7ac4c72a326", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0373b594-c84e-5f93-9bd3-a9bb32042a55", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba799b72-3d29-55a9-bb40-646cb5ed8cce", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e92dbb21-4351-528c-bbfa-7b8a46221ca0", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4748c89-34de-56d4-afb0-38d1ad08fbbe", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e2dc1d0-e692-5900-9613-5b5b7c1fe43b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef9a0a81-4680-51f9-ac83-cb79fa9e69b1", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:340c118a-0753-5bc8-bf21-1318a730b61a", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15ce295c-661b-56ed-ab85-aec1a75bf92e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4baa2fc-ced0-5556-9521-659cf3587027", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4c8b762-e228-57ec-acca-2ffcf3dc0585", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:263456be-0a3f-5121-8217-b035d85a7642", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9cf21c8-72cb-53ef-a047-0177227051ab", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fc3ff22-7d27-5a7a-8348-20cb75b0a733", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fe47c11-2d11-5e0c-a851-154af7140caf", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0df27af-190f-53ac-a402-31b659b10651", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b30633f2-e2e9-5290-9ac5-eef3b2bf445c", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a784ef0-e86f-5bd7-ae4b-a72bb14e36ea", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:352b89ad-8c87-589c-9aa7-4167eb9035e3", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d267bb4-d01e-5898-9395-50d73d6a0941", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca9eb1e3-cc70-5706-8207-2a4f3a0b29f0", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3aaca64b-bf60-5256-a627-784ade49e5ae", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9de225c0-b787-5c17-8191-19278c5b9bcc", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecba60e7-4e01-55b4-99dd-a63e1b4a0d0c", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26aae131-0377-5110-a05a-eed016129f58", "id": "CVE-2026-41852", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41852 does not affect version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support. not_affected \u2014 Spring Framework 4.1.7.RELEASE is not affected by CVE-2026-41852. The vulnerability requires record-style property accessor support (empty-prefix method lookup), which was introduced in Spring 5.2+ and does not exist in version 4.1.7. While this version lacks void return type validation for getter methods, it cannot invoke arbitrary zero-argument methods as described in the CVE." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a146576d-e993-5839-8eed-b0d152ebeab7", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa644afa-af62-5521-8956-9b92cdc7c11a", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context-support@4.1.7.RELEASE-tuxcare.1" } ] }