{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:172c06e8-8bad-5899-838d-4b1841769fc3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f05a6d77-6f0d-55e9-9aef-39b4f25823f9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5f7c9c1-26cb-5062-b184-f8f8e38bff50", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37ead88f-f4fe-58b2-93c5-c40d91848ebc", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14c7fff1-083b-586c-b37e-0c1a3b19c581", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a6b2296-3219-5f55-b226-4f19b42078fb", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a79e3b9e-8083-5d40-ba15-e380fd07838f", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f695f77-0317-5638-9cf5-59fbf8d82cee", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b08b788-d906-5c3c-aead-f46aee7ed6db", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fd21637-0d31-5aed-8894-86a91703f859", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:070b1300-670b-5e87-b39d-3dcf596db2e5", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38cacf2e-f108-5f15-b0d3-1abf2c40002a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1b4db64-e5fa-5d22-885e-d4abd0780b83", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2330448f-ee1f-5817-8631-c67d206dfd3f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41328d6f-66ce-52bc-a4b9-286cf6b79c17", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78fd92bd-56a2-59a3-a82a-9e63a8354351", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7e43caa-1506-56c4-91e4-b88238559288", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:715fe136-4ce7-599e-b40b-5ae1740e936a", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-beans 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c6d3274-0bc4-50b6-8d0f-919b0747aca7", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:130a7e54-08d7-5e4c-8d8a-604fa60eee4f", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5055fb7c-04ba-534b-8663-418f1c64329e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01b1fc44-fc25-5527-aeb6-9498f2eae7b9", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96b0dbd7-fa74-59ca-8b32-9eb908531231", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:014e250c-3849-5c95-926e-5e352ecad358", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a5726f6-e8fa-5bb6-abad-a53a71712268", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dca637dd-1e05-5ebc-9257-f6e00fa28c06", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93c0ef66-7f45-5c9d-829e-09a69880813a", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32a0d86e-8f98-5338-9cfd-76f86503126e", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:630d242e-68e5-5757-ac3b-7eecf5089fd5", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba977237-1975-5e02-81cd-52c5ba19a299", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.2" } ] }