{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9af3fcaf-9bde-53c9-bab2-fc332f176b2a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-context-support", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a914b169-b311-514e-9ce1-6acbcd845164", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:139e6ad2-4752-5c4e-bf01-70876fbac5c3", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e176187-534c-5874-876b-b071817753f4", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de3ebbac-b9c0-5680-8b9e-92137cebc8b8", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c8aa670-631a-5e53-98fb-a7fd11aff2ea", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ead032b-0538-56af-83ba-a977af99668e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fcc7a651-5e22-5a49-b9c8-a803e13b86b3", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d651c89-2561-59ef-bd6e-55a2e7c53609", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df6441ea-ec2f-5162-8771-5a3fc153bcd6", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46e84c3d-2c29-50ae-a6f4-50fb16028c0e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d729cc10-1f61-5f0f-a54f-ee50707b4916", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acdb8511-adfe-5dae-996d-2812117c0ee9", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0c1a143-fa03-59e2-8151-ce7b35b0645b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80ab6a40-f43f-514d-b268-b0547dc7f142", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:621480cc-2b46-53de-85b7-326f2f223696", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a9f2a9d-19bc-5201-a7a0-009815be127f", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9463f9ac-147f-5c1c-b984-1c97d734c83e", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-context-support 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30f31a25-5cc6-5b94-a5e2-08872e69cd99", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f4d150c-2d4c-58ca-9e86-f21e0addc037", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20101d53-e0e1-5881-bf9b-3475c4d7e44d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:673996cf-7a54-5cd1-a52c-b315201151c1", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:999aac7c-cf80-5283-a59b-517a4d5e009e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7010e45b-4454-5bd4-80fa-3599b70de9c5", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78e00505-e344-5ba9-8126-871433cf4941", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15137ca6-3b17-5505-a2c5-d3c677e328fd", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deb32cb1-a5df-5ef1-b423-a3808acf8e49", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87e936c7-3f84-50fd-b3c4-407680a29ec6", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a34bcfd-2186-538c-b02f-b37dea6a01d6", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77925341-4ecf-5b5f-807c-584874137d71", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09ea382c-0810-52b4-99a4-b8d1466f15d6", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b87639a-5e12-5d45-9ea4-8fe973accb01", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8ca7a04-b0a3-5606-a47a-1f9dd1bff54c", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:207e0b93-5d5a-525c-8744-f83adecfe93e", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dcff2d6-45b9-5bf0-a4f4-f0a04f30718f", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae7db020-80b3-5a5f-8bb2-25b39b38c546", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2971614a-0613-5bbe-a116-186c5a9cf997", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b4572d1-897a-56ce-9d29-cab6eda796fa", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:917da197-3393-550b-b428-c8e1419c8ff9", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fcae6f0-0b4b-5a72-922f-4eb5f3b6f93e", "id": "CVE-2026-41847", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41847 does not affect version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support. not_affected \u2014 Spring Framework version 5.1.5.RELEASE-tuxcare.2 is NOT affected by CVE-2026-41847. The vulnerability exists in the Kotlin Router DSL filter function, which does not exist in version 5.1.5. The filter function was introduced in version 5.2.17+ (September 2021), after this version was released." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac1b828-561e-533b-8fc2-6431bcc7cade", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a23f6622-cb04-55ff-9a82-7caaa42301e5", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:349d1339-081d-57bc-a062-3ee1019f25e8", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41c9ecbc-d708-5247-905c-14313db73f1b", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3ef9f64-8e4e-50c7-a362-71e0caaa7bd1", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dac63e3-605b-599b-8f22-bf40c6ac95f8", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37bf4fba-7f49-5d1f-bdf7-ea5549df26ac", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-context-support." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context-support@5.1.5.RELEASE-tuxcare.2" } ] }