{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62baa91a-6d36-59d4-a398-1436a91bd2ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7854c696-9190-5c09-9140-cf07e18301dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92d95335-1264-5578-9a9e-fbee551e84b8", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60ea1d49-0998-551e-8df3-31ae5ea71ac1", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:142e85b8-c756-5461-aedd-86dc448ab20b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4391695d-6a7d-56e3-be1c-99b5459cb7e5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de80546e-13a8-5c06-ac41-cafb4d80c0a5", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b15a91a0-efd4-595f-8f02-534f585333c7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf30d828-9438-5f9c-92d9-350a9836cf08", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1186085f-e675-5de6-a8fe-c76ae7af3f49", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db47470d-320b-5245-b73f-ef537bfc6cd7", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:498bb199-5630-5619-b84a-d98d19c39a4f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84b6c32d-20fd-5b6b-962e-156c18525d11", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52d4bf69-a132-59d0-90a7-ef6269719a04", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cba11e6-3ae9-52f7-865d-2779c45680c4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8050bb4c-818c-518e-9d85-c73d84545211", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93cd1e51-dd04-5660-a666-d0c35ef405f4", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09fd3b48-f2cf-591c-aa66-b38ab1d13ea1", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-beans 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea70820e-82f9-5586-8c5c-0cfb7fed0c4c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51ff506d-5f06-5a79-b83d-4590fc3ac1e7", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1d1b38a-54c9-5dab-9ad9-75fdc8512b5c", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:348ab237-97a8-5380-a9d9-e6c987458569", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecb0b9a9-d2e9-5aac-814a-036db5db6331", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4deabd4-58d9-5f54-bf7a-10e564f9c478", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fffeb50b-42e1-5de7-8128-24f5d96695ba", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c93f0265-389a-5035-9eb4-64e45b42432d", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.1.5.RELEASE-tuxcare.1" } ] }