{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:63c19268-16ad-5c63-8942-3ed5b38b538e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-context", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42f6c288-6ef6-5913-9945-65bb23d1359e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9156178-edbb-5bd4-8e8b-72361c66ef23", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c2f8ce9-2ef8-5fe1-a9b4-ae106ce4da2d", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdede1b3-242a-53cc-b430-8774e24a0d6b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8459b75-10c6-5eda-8810-bbb3546c2092", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d22a84bf-e887-5b41-bc56-c4f1967fa1e6", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e35d78da-6239-5d40-93b9-f7a39acc465e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ed87b05-8671-561d-be5b-6b2a4f5dcbd0", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc5d755f-d676-55b2-a3f7-c5e17b4bb1ed", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25f4728b-3993-53a3-a489-732b197b7054", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e031e2c9-40bc-5aae-866c-6c86cde64bd2", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e597157-e346-58e5-9c47-bd3a90f2da97", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a00c02f-1b7d-55f0-86cd-d733269cf072", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f2d5eab-317c-5846-ac25-8b708772967a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc9cef9b-b884-5844-94fe-d8726cb79ff7", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee14890c-d58a-5409-b419-5b5514f56aae", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1aed02ab-629a-5838-8a89-eec07ed02ed0", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-context 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d9cb8c7-67de-5f3b-a922-9ee86954c9c5", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d094cf9c-9319-5ff9-80c4-6b7804f9edd6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:054ca181-4291-5685-8012-dd2e8d3c501d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f78ce1b3-bf41-5d17-93ac-2b0742b2881f", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7563f6c8-2fa0-5abf-9cc1-a03ac39a5d07", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21276fb4-90a0-5a37-8de2-abe10b40fd8c", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e34f4bf5-b506-52f2-89e8-98f2aa52ae37", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85e06267-2ec2-5cba-be6d-fbd562366dc5", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0219bb9-d049-5f6e-9b4f-6ffae19ac60b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce0d4caf-5126-58b8-840d-53fddf9cbbc5", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecc408bf-60fb-519d-92dc-24c5aad4dada", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5caa70ee-c05b-5354-9b6e-d4718955de92", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bed89c79-3e31-5f65-bd7b-3c9dfe39d888", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8258e664-9a59-54ca-9c4f-11417ba24deb", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2bf56c1-b924-5f6c-90be-430e1e48fc55", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13120d9b-e371-54f0-99c6-fd1eb289d3cb", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cdce3e7-ee47-5326-bfa2-75b4cb6d8c02", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9e2bcd9-71a0-5786-beb8-9c1a97d0c4dc", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e566ace6-a76a-584e-898b-1b7aca606e9b", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:488de1c3-809b-5ed0-9a78-7c02ca1952de", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6904299-0be7-5eb9-b5fb-1025552dd21c", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f09d6daf-d48d-58a0-942c-ea538bb39492", "id": "CVE-2026-41847", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41847 does not affect version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context. not_affected \u2014 Spring Framework version 5.1.5.RELEASE-tuxcare.2 is NOT affected by CVE-2026-41847. The vulnerability exists in the Kotlin Router DSL filter function, which does not exist in version 5.1.5. The filter function was introduced in version 5.2.17+ (September 2021), after this version was released." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64cd532e-3e34-56aa-a162-59a182ff071c", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2007a905-4045-571b-9fdf-3d53dbacf1a5", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a628f2f6-438a-5e98-9596-1ee9a89e94c2", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a6e71a2-e930-5add-be76-3f35ada78cfa", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95e3c0a5-cc80-56e6-8c07-0da3fcdff9b7", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb1105eb-d6de-594a-9414-f4831e1285de", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:879ba3d9-9bb8-542d-9d36-b3a5d23de6a8", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-context." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-context@5.1.5.RELEASE-tuxcare.1" } ] }