{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:497d09f7-7fce-5392-9c41-a28982fb4e20", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:173c090b-8827-5d14-b583-ad30a557de0a", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78d73dc9-403c-5fc2-b1f5-cffcb0494dfc", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee83d957-c56c-557b-8180-a2093c48a75b", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc514706-bca7-5bcb-89f4-9d5689ac1ba1", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8cd7c70-7230-543a-ac4b-9577e8602bbf", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c995047f-b094-5a11-9154-13a5517f82ab", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d6c4c69-9532-5553-9b78-cd8b461014e0", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b705a9e6-91d1-5ff5-872d-ffb57ef5cf8a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fbf0363-7650-5e49-b76d-e45388da819c", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8b02825-b9ff-5246-ab60-52f9032cfe95", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5ce0ac4-2a42-5d9d-a41b-a122499e9f11", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b991ba2e-7a40-548d-a4b7-d6630dcf4760", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:447df74a-1bb7-5df3-a10e-f2f8b71c6c41", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-beans 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:507b27f9-031a-565d-a781-5b2854ee8fad", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b59100bb-ed96-5561-8a25-29b17ec95d4d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14899f60-00a9-5472-ae98-f8ce49087ce7", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d01beee4-ac86-5b7e-826f-9dd357c9f69b", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5def6f5b-4ff2-5252-a3fb-f4441acc0f5a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91ecc36f-b9c7-575c-a97e-efb52a8f4595", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858c2b64-962d-51ea-a883-966f17f3b16d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7314cd3d-aa24-536c-b222-c0c48fa7425f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b914a560-8304-5553-8f0b-58dd345c6a48", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d638e859-b1c1-599e-8354-6ac6921f3559", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bff3089-03ad-560d-90df-13e84a35f3c9", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec41e803-7f58-5f60-9bc8-80f9deda9d4d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c65f120-106c-5dcd-b667-6fb3ef8469c4", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4183fd46-e4bb-5d38-bd44-985f81dce625", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d1f4f43-fe8d-577b-9756-a9d49a63d148", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b946f3a7-2acb-5b05-976b-479aaadd6efe", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75b2ec37-34ee-5188-8d57-829d4f8bb6d8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:082a8038-98bc-5af6-bddd-c9b4c5d71d38", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9faf673-af07-52d8-b07b-8afc4484d9fe", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4395e57-dd1b-5233-a55e-70d4a1b82d26", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3977faa-5639-5ed8-bae1-23369fed0092", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ce34dae-089b-5ec6-8c13-3debc697e665", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23f078c4-0479-5889-aa63-e2d9289bfc8c", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1102015-1d21-566f-94f1-e30e6a3f2c1c", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8d631de-0d2b-52ac-9cc2-d9472168362f", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ea0d9ef-a1de-528a-b4ba-e67184290645", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:744b6827-a386-5d85-8b2c-48467dd08266", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.1" } ] }