{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e22dd4fe-86b2-5c2a-99be-f56a4594f3eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.3.37-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d3d2475f-a4dc-503e-960b-28af7c0f9bc3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfc69e7b-298b-52eb-b032-735c35aa8f93", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2498b57-a782-51a5-83cf-018bd1865874", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ba9ad9e-2d37-5f58-af84-b7b84ff18101", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46455b4a-2bd0-521e-b219-6d00057d50d5", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1b364d5-a539-5e81-ab8f-c8ef7148666b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:875a60d0-8b9a-571b-acfb-b1008aeedeac", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d040e77-4359-565e-9f25-612f91473279", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcaf7926-d89d-59fb-b06f-6cb06579b725", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb70dce8-006d-55f4-bf6c-6b8c5d80797f", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b80a3cdf-b0b2-53bc-bef5-55c0d7056751", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8edac3c1-d552-53a8-afaf-4595fc3188ad", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3f4a4bd-20c8-595c-b336-dfbc94c84f5a", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a62f0717-5c91-5992-a809-402de517640f", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ad4b046-17c9-59cb-ae30-5988949b4c08", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86d7bc3a-32f6-5259-816d-56ba622cf955", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.5 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.37-tuxcare.5" } ] }