{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:db39bd47-9f52-53ed-aa8b-63d73560a531", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.3.37-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:592398b0-7089-5b10-bc54-9cc3dbd3abe4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d450dd61-2337-59e3-a8f5-6d591aa1eae6", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8cc54d17-bfa1-5e58-a32c-b00eed0e593d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdcb50db-3c80-5f34-9f64-a21c336a0a26", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97be3e6b-0b09-599f-8250-759a9bf828c4", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3157be57-1d9a-516c-a603-1781639d66dd", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed4f0181-427d-5c27-bec9-10d34ed03655", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b797292-7026-5c3c-82fb-da33a133f3d4", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f7fa883-7aab-5421-83e6-55ef4a269acd", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54406724-19c5-5cda-8c69-5bfe371cdc0f", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d84a05b-f4a1-523f-8069-6d1eed22f364", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:332cde0c-26a1-567b-8468-85c2d9c0b9eb", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c352b9ce-2417-5bf0-8456-bf9e414ea94a", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22f83ad4-4378-580d-b761-486ed7f71c7f", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6248b645-7e45-5765-9f6b-a12d0c6856d2", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51a1e7f7-5104-529a-84b3-d14871a61285", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.4 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.4" } ] }