{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b50188e2-329a-596e-83ee-f8615871637d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:20e7bbde-c79e-55e4-ba1e-6aac7b3b785f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c991374-9907-5af8-9808-0db73800dad0", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd53e6b2-4544-568c-8e09-213bd63525df", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ffbbdcf-ea8f-5414-8aed-a5b520fd25d7", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35d65c2e-a047-5d67-8a4c-0563b1ae10d4", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54b28149-b84b-5204-99ed-a414f9d81cc5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14c08767-fb59-5786-af7f-14286341bf1a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f57fb9e-3738-5cc2-b960-f7375631891b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26621289-15bc-5d72-af18-78a7c8b8a9d4", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d69378fb-18f3-5caa-bec7-48e50b4a10bd", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:609932b9-8d3b-5668-ae00-a31f0076492f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a6fe707-1a3e-528b-b39c-65bfbbca6787", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ba12aa6-90d3-5bac-bb2f-3ea877ab8801", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca6fe839-dd6e-5d7c-9f1a-8e1dd0bbb869", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98c9899a-df28-54a5-96f6-c44ff6c62970", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8038dde-4785-5d89-92b3-0ac167d3da81", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5be6cdd9-d6af-59dd-8ff9-765200ec5a19", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c70117a-64ca-5cf6-96d1-0a75cbd0b26f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a690e98-d971-590e-84b5-ade9ba652de2", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:729f0f68-33b1-5755-a7d8-824551316e1c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c82180d2-6cba-56e7-8591-d1678de1f87e", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b656ec2a-7398-5a37-9d7b-8adbb018460a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4e272cc-bd10-5741-ac87-302ff20d3a47", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09fd8147-c48e-5bfa-87a8-4f30a1dbc892", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bac798a1-b9b5-5a99-b6fc-28061bdb6a60", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.1" } ] }