{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:809fa6b9-28ea-5335-b0ee-7d5b901ff585", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67ec861b-742a-561f-91e1-6ff31eb637c9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42e053ff-3d0d-5791-9b38-93f8d8b17300", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec7fce7-6052-59eb-84e7-86f4136b99f9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:309bbf71-830a-540c-b0c6-0438f02a13a3", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82990079-9882-5f7b-80ae-e4dd898c7124", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5aa9077-4f1b-5b73-8b90-4f811abf90bf", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba82e27c-fc9a-5e97-afad-a1618fa352be", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70364498-a155-555a-82c7-480d78b43956", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c4c56f9-c3be-5102-8eb1-f0e50fb65ae4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8906eae2-6318-5a88-b13b-b46f22fae8fb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7434f470-9bf8-5c45-ae2f-98b2b06c25c8", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8543a395-2018-5bee-8f69-29a97a097484", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f5da9ee-e28e-5517-98a9-9bf9f0aa2d9d", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62167962-876b-5c41-8ec2-a30b1a62193b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4726bd1d-907d-52ab-8a45-784b26ed981a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d130b12b-0bf2-5f87-922d-b77f193cb14d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05faf9ac-754b-5a34-860a-a271c1b98537", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e11616b0-a359-5744-b6f7-f18aa09afc0a", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0a4b00f-6671-532f-a165-ea906fad99a8", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b69ec1c-dc8c-5479-847b-8eba81e091a6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53623700-faa6-5cf0-ab2b-506a6a03391d", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d35da53-4376-5257-8255-b65c61314cb0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87e09a6f-d8b6-5845-907b-b40de5cd6747", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.1" } ] }