{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a3e101c1-cf4b-537c-9368-2392dff9ee7a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4e8b1bc3-1349-5813-8925-1c133bc9cb83", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e88254e-3eb5-587a-99b8-c1b5498917dd", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d06f4744-a5fd-5126-94f0-6e08d16a504a", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b55e4f43-8da7-516b-97b4-e85a6631a177", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8fc9261-aee5-51e4-8533-a97fc0792557", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da4a86a7-df0a-5415-a4ec-7caa1e423f6c", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43fc97f3-e09a-5231-8ce6-f17d83235679", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ce734c-478e-5d92-b651-f00ede46fb20", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ec016b7-b531-563d-95a3-9361a48f78d8", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52f21424-7c2a-56a8-b8bf-fe0e21e7fab6", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cd4f68f-a1a7-5fb1-9fd8-17f67b23462d", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8569a746-df55-5ba6-a3c2-489d0d15e3dc", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:859529e2-8716-576b-841d-69c99dda2040", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-beans 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77e8450d-a0bc-529a-98fa-7068ce29a463", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e4ee3ef-85dc-5c38-945d-06f84bebefd8", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0a064fd-881b-52f9-a83d-32d941fc41a2", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2913271d-91f6-5e59-890f-8c0fb56ad83d", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:681432c9-e66b-5ebc-b76c-ae69b72e6ee6", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8aec8e9-0987-5b83-8db0-c85f517dbadc", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea694c55-e314-58b7-9ed3-edce50a59c8c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f253af54-7ffc-5918-b90a-a29660666a8b", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7bad8dc-49f0-5d06-a909-5d7c22f04d43", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1949289-dd47-5334-b822-fa9584321b67", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0636651c-4555-52f7-8475-730daf09227e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:792d95d4-bfea-5ac8-ad34-4ddddba38db8", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71a0512e-a6c7-5d46-bc18-65972eada37f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9a02f94-46cd-5516-b876-ef756ffeaf93", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c320c5d-3b47-5554-accb-7c4abeb0f4ea", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48729089-5606-50e8-84f7-5679d68937a0", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a30e0c84-b68a-5516-be49-f1f6159ce503", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dbb5434-e719-5618-9b1e-e9f4b9aae4ce", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1aafcf1a-05e8-51bc-bfb6-70ca585310c7", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:677749c3-e238-5af4-b706-89991f66c884", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:486f1b09-bb3c-56c0-8117-c79c3f7fd338", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b02f9516-d822-59f8-b82f-54ce13de1001", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa98f18b-da92-5370-9133-a9959701a1a4", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aa431d0-0452-5adc-afa3-593edc2339f6", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:950ab437-4ce0-5643-ae68-91a5fb897768", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:183d7ab0-cdca-5767-ba1e-039387c98b05", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b53f0c3e-4a39-5f0a-ac65-4a41621a0d90", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.0.0.RELEASE-tuxcare.2" } ] }