{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40e2611f-39d9-5aa6-9535-6bfb24655dfc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:46976592-a638-5dcb-ad9e-e25f586b32a5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cef1a78-7d00-5a7f-a40f-c586966e7780", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e12ff75-ba06-5ca6-aa7d-334f878fcaf4", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:986c9122-cd38-5b56-bb0a-9f61f2d36e8f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6158ef11-2220-59fa-aaef-0cb4040dcd41", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:931a0394-57a6-5019-afaf-95d8cafa770a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f90e6c06-3126-534c-8e25-c7eec4569acc", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bac43fcf-8561-552a-bb51-59bf3d080308", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c46a2d36-c9e2-5c06-a5d5-bdcf43659bce", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f98b1a13-4c0f-5275-8d14-37d9b1e86f2b", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2236055-5355-502b-a0ce-19f22d69437c", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5de73f0c-d8a6-5bdd-929e-54970e8246f7", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1f70af9-58d0-55df-86a2-269a055508b3", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33a3fb04-e4cb-5a61-bdb6-41c76e9d1911", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4ed6780-d450-5c0b-8b1f-e7cac6e0262b", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a04ee19-b844-5519-92c0-2b85942495e4", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1dec232-e52c-5d2a-abd7-b28852ebc432", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b3f2a11-0090-5ccb-b7bf-13117b75cd86", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bba636d-5c5a-5ec1-8e91-a379806d5715", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9fb9a49-905b-5b11-a992-4180001ff530", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf2043c4-888b-5147-8221-6678c6863c8b", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95c5d005-ae23-5f37-8bdc-1fb6a8c7fbab", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:757a658d-56c7-5c2c-a832-143a69f645bc", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7979bed-518c-5275-b618-2415d7e33866", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c883dce4-bab0-5034-901b-0cd9b517c76b", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-beans. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ca2fdc7-ae20-53a7-9d49-fc21df7859b5", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46af8751-6eb8-5f9c-bd1c-4e0a20f13eb7", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b612401f-8315-538d-be66-ea325131e978", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52fea137-0dc5-55a5-82b5-e94162341c09", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78ced8d7-84c8-5641-97ab-f51be6630bbc", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f27a0c6b-d59b-53fc-b02f-2ecf96ff2968", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1844a5e3-5bea-508e-a5e7-26adc8c9d14b", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6831d003-ad88-587f-b96f-41cbb1815009", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e681bdd3-c4dc-53f0-9baa-8c76b244a7a4", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7da073fd-2625-5b43-9f18-6d32653879d3", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:646ef14d-559a-555d-8c5c-fa466f70d3ee", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7999d459-890a-5c14-9488-90edebadd4c1", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:67fc3894-e89b-582a-8a08-bf0173236306", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40882172-1248-5656-bd83-71fe1033f343", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.24-tuxcare.3" } ] }