{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0da60bf5-2f05-5569-86a8-3867f2765ae0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e4518f63-bb1c-53ff-a207-e1831a904121", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d2d2f6c-cacd-5ccd-951d-14c2e3e8d4c3", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da46bb4a-6860-5645-b976-f1d0537de335", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766a6ef7-5abf-5646-8a8c-3a4790265eee", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:298e1db8-0964-537a-b81d-a3e109e1e3b1", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7df97917-8112-5242-b3d0-e99f303fbdf5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da6bc118-acb1-5354-9697-c97a16c2186c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61e5bd5d-66a7-50b4-a8fe-1cc0850da624", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6893d12-1455-5276-8c15-a73b357eb3c6", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:716b8067-bd17-59ed-af2a-bdeb3b85ffb7", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20c1fc36-ee29-5ec1-9a2d-d0c079f591c7", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f45e4d3-7f53-5f05-83e4-d34c421fe3d4", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:246edefa-1905-53ef-9550-2480ff2bbc2a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f895662-5349-5b16-9739-4dc51cdbc332", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caee3e81-aed2-5762-b30d-a317fac39b6f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39c84165-303c-5722-be09-80ea44142598", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fa0e174-204b-5bcc-9cf4-e0285c686a4d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea122cbd-a466-5184-9f77-c39f4205da06", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af17fa91-1877-5481-af58-5a27dbd5f478", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5e04b1f-71f0-5136-98d9-50d0f17b555e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ea656c6-b4b3-59ee-868f-539e0a6eb256", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c98ffe97-4f2f-5537-887c-c87eb0fdd4fa", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e5502d1-96eb-5f2e-8c79-511d81f4dba2", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba41c279-8e58-5482-9677-9e72c8f9e297", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:085c15a8-a45f-5862-b74e-86a9fe459ec0", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@4.3.30.RELEASE-tuxcare.2" } ] }