{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d7df67d5-2954-5aab-a5cf-18bdb47dd9e9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e3d029dc-1b56-501f-8349-593bc810c793", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e8c0b42-353f-590a-89ec-f19ebb734000", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52f1e909-c599-5d99-ba5e-c17d8bc72edf", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7bcf7e6-3f6b-591d-963f-9e05bdc82dbb", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0b80a83-290a-5d89-a870-171831eb9edf", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04152085-dd35-59c0-a223-3c77f5f8df78", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c68d75d-93d5-564e-8443-436c1e47b4c1", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a468e34-c116-5233-a744-a48f30e18e6e", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c686243a-6d26-5e80-ae89-345605435424", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6781c31d-04a6-517b-b584-781deab2e5d6", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:792a661b-fdf1-5708-a466-d463825f9356", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4de5d29b-768f-5fe5-815b-11d0ca68d129", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d9dd2dd-2ce7-5173-8a63-93cf4dd007cb", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8f275ea-4ec3-5e0c-a3a3-08531a5d4881", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd0a6c00-3e33-556b-9a4e-1f205d4754be", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cfe046f2-f5fc-543d-80d9-1ddddbbbd9a0", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba27f048-1564-58fc-8ea5-8f82934d5fb5", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ffcf1f5-b5c1-51ce-ba04-652d24a7a252", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3359f4e3-d3ac-535f-ab05-0a70d1750935", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0f90fce-620e-5133-bf3f-d03b4ab87dc6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e64a0583-353e-57f9-bdc4-8ed19f51ddaf", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:476069c7-8bb5-5984-97f5-57d0f14ecd24", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e096eb5a-3c26-5a04-9364-1f5c45492227", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f87f878f-e9b2-5749-b1ae-667bb10befe2", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b1f9a0f-da3d-5962-950e-9af9d1c47fe7", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:caeefbec-4fd8-5b5b-943f-275c08e4ad9e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c639d65a-3a6c-57f5-b9f1-4c762a461f7e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:353c59db-7942-5e4f-b681-c61eab6efcef", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99f6dd36-16ac-50df-b5bf-2ac606cf6e1f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8300e7f6-2e23-5476-847c-ca1465fc91e8", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.3" } ] }