{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:de9cf83f-abe1-544e-aab8-f5d9be89b309", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.3.37-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c43a12c3-401f-538e-a0e6-01455256ba9a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49e9d37e-3f15-5e9d-8718-11fd1a8e9845", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcee2a02-6031-5792-8fe4-b56ec825cc11", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6a59879-f9cb-5095-8d28-0d486b97e804", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20cbd1bc-2609-59b1-85c1-b26cd3ae9415", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94951bc4-62e1-50a6-a4da-826f1ef214ed", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fcd0b5e-b035-56b5-a95e-433db7376bfc", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b2c3d65-5538-5e78-942b-6a16d570460a", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c7cc3c3-6848-56f6-9392-0433a30baa3d", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54d2fb79-8ec8-58f1-af0e-d539566d566e", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78321156-f885-5165-8350-4c34b78f9d94", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:194a025d-2031-5535-ae93-55f629a94295", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43058b4e-c151-574f-973d-f7004bb120cc", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.3 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.3" } ] }