{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fdee27d-0a75-5ce5-bd77-0e0099ca5904", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:514f17d0-d26e-5be1-86fc-46d97c787a15", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d4a844f-4851-5bf1-b6f5-2b10e0261a91", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f6e9cf1-819a-5eee-b8c0-760aba205a34", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7f99c5d-82b5-53c9-a270-de70fa364e98", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc4881b8-e1b7-5a14-a275-422fee6335ea", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ba62a9b-b0d5-5598-bd52-e86787eb4466", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c853a5a6-31ae-5926-9418-d043555d7734", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac1692ad-d364-5c72-bbca-c272d510159e", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c12e8d44-e6e8-54b6-a5e7-cacd0bad5cc5", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ade947b-fd23-5b93-8178-efec7cbdfc26", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f22a00dc-1eb7-5fa1-8843-f4b21d5d399f", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f83f67eb-9930-5ec6-815d-74c4fad73ef7", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bbdeaa2-a5cf-58cc-b0fd-13f0eaf7d3bf", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2610599-85a9-50a0-b45c-59f4c60908c4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a350ea6-f0ef-5b72-b63f-63ce6a96df14", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ced8aa78-25fd-5d5f-883f-5c1dc5c5f939", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9b52b42-3c65-5cb4-8a7a-1da493a9e5ee", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c130c49-19ff-549e-bd76-e03b34968522", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d68582e3-26a1-5e3d-b21c-a23cd6922518", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43da87bc-5b89-5a85-8283-56ac840092ac", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36317f62-bd0d-5491-93b9-f84a6e837d59", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfd3a9d1-3300-57f2-b1af-111e8f7145d5", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c25d1bd-e2b7-5e2d-9a92-aaa1fc8c7e0b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.13.RELEASE-tuxcare.2" } ] }