{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c6200d18-9a2d-5517-9d9b-d7429dcc449b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.0.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:59dbd7d4-52cb-5c19-9c36-b021ef1a5782", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f109ba72-90bb-5008-8ff5-54e1d3a986a9", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53d60f25-deac-5916-afef-8b7f2338b19d", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c54f1692-5c61-59a2-92a7-7d04772b3527", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e337dc9a-1b8a-50da-a70e-9dce16ae514f", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff07ef6b-0d16-50a9-9b03-968a90d77d4f", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:235e28c0-fc32-549f-902a-a25962e25afb", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12f31a4e-91af-581c-b8a3-363aa70fc8a5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ca5465e-12e6-522f-8db3-6f53c54a96f0", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a655a884-349b-5f81-91cd-476d4fb0e810", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31fb9b7b-1ed9-54a0-9f06-7741c8e97e6e", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:907979dd-138f-54e7-a872-ca4c8e05fd84", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c44dfb21-2e81-523d-9071-3023afd83c21", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-beans 4.0.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8d574c3-c1d9-5f27-8596-37acab01ed3e", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c365f4a7-f1b6-5c3a-9917-0225f65c9eff", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5404d767-d1ba-5731-aa92-48c326efa362", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a6065db-e9f9-58f7-ab62-7ca31afba360", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b669edb-3aff-5acf-86bc-ca668f3c9bf7", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43cd1b06-7376-5fca-8af2-7fdf57676aa9", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0aa84753-db8f-586e-b222-cf558393d09f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:340fcb8b-efa7-5749-8b8c-9dcb982f1ef1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6340e9a3-fad2-5728-a494-b415bfefef60", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbbe890f-55f7-5808-9a80-fcf6f310ab3a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18a12cc4-ce79-518e-8092-8244c3c08315", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e4624be-be3f-5a5b-9c24-473bf094d731", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3cbe65e-e07f-5fd7-9e7d-e157594777fd", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a2d5e6d-d634-5660-88b8-507bbc84819a", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30252f4a-e8c2-5b9a-9aef-989a5f05ba0c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a7e600c-d624-5dc9-aa2d-0450d1059e7d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:226c835d-5efb-51b0-83c4-16b0e0168201", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ae94cab-35a2-58eb-96fd-254c890131de", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42593e6b-8388-5819-8d6b-5465146563ca", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7eb17446-feed-51f1-9202-fef1a0894266", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68cbb51e-a38a-5892-8f1d-a99bd6ab257a", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:276eed68-7bc1-56d0-9394-a31a0d5bca10", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a568a381-dd39-5f33-ae4e-41f9a99eb48d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45a98781-0bd6-583d-abe2-72289fee2429", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49ae2207-3a78-5b7a-ae4a-349d59fb5f0c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08273a10-5006-58ed-ad69-ddf47fee9b19", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51127ec7-5407-5489-a1a6-820d4bff6686", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0c03c64-e1db-5f1a-814c-4ff57eec9b7a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.3" } ] }