{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d60fcb4d-ef0a-502b-b0fe-997411ec532b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:393bdceb-0e00-53c1-975d-5ac11db50913", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd47a8c6-0a9f-51e5-bea9-cfbc013a0598", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db382308-d42e-5ce3-a9c1-683bbf4a16b6", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:283660ab-183a-5cb9-b0ad-4424da08942a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cd6db5c-6fd4-5daa-8851-f2a75ab69271", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a64f3ec0-37fd-5c88-b7e3-9fee11d9ab49", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96137a3e-859c-5f0e-afb6-d2744af33c50", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc8a1de5-bf60-543a-9d7a-07986f17375a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fda364cd-c701-53c2-9854-c735ae208447", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a4698dc-079d-5c3d-a1be-cd264eb500c6", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:170a69d0-d298-58da-b9cc-f660502d3231", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3aeca292-42c0-51ad-9f72-3512b7a43c46", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:286b50ec-0c9f-5964-92ab-2751a29d1c94", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d54d013-1dd4-5976-a8d2-4a1815a69522", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c818ac9d-7f51-5262-a35c-b74f2591d9d0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e06b09b0-7bd6-581b-8895-42470ba035b4", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c457d44c-c34e-5ad0-906b-9f986de23124", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e45456d5-17a9-51ad-88c5-4dfd0fa83c39", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27013d0b-38f6-5c72-bd85-42c464a3b6ce", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7470aea-d668-510e-be92-840f28d068fe", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:837269e9-5704-51d6-bbea-b54245b1128f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44dc6ccd-9fb1-56bf-81af-d4b781d10c91", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c95c9f44-f6c8-5f2c-8a83-7955313bd244", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69db2029-782f-5809-a720-40b8af2897b1", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b3a157e-1df7-59ea-b7d1-4b4308c2b92d", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ce5553d-9b3a-5919-a1d5-f480547d3bff", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afa638d2-33c9-59d2-8bc9-25ecbd61e9fd", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d3ca64a-5207-5524-ab8f-b9c45a1bb92c", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:957b7fbb-9060-5a99-a9cd-b0700b94bb7d", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5a8ee03-83a7-5517-ac19-870a66a84377", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.1.7.RELEASE-tuxcare.4" } ] }