{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:567e644f-4bea-59cd-b6b2-75cef1c99f7c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ae02875-38b4-55fd-8c3a-a5cea65c07bc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02484758-d772-5791-b4a7-be49f1ef267e", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0d592de-6291-5217-84bc-1351e36fea3b", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b034d76-6247-5328-9d86-a071ebe4f13c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8c462b0-b062-5d89-b334-7b540b44b238", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c203435-c36e-553a-ba23-5ae62809b935", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fc70bae-2a9a-5f94-bfcd-2cea1e6de0ed", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18ae7234-ecba-53fa-8905-7f9b80da05f9", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cf9a274-1d49-51bc-ab99-f489853b7a6f", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:289934f8-e3f4-567b-af4e-e7ed54ee68c6", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b37f700-041a-5e61-9799-e3d61085ec64", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e98e448c-bf23-5a69-80ae-f95634c5c3e5", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09221056-19bb-5c6a-bb9c-1a57ecb7f64b", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c968d4ba-8fed-5f48-8ffc-63d42ef086db", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08c194ed-6027-5408-aec3-37e04f2da2fd", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a29315e-ed53-5591-bb36-7bc69a2d1e33", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:494f0b9c-1499-524c-8aa3-ecb92a863052", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f3e04a8-9ab5-5730-8903-04388c83e9d9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba7ce160-7ec4-5da0-8ff1-db486925568f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24af1e3e-a743-5a8b-aaba-4cc554468450", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:294e3b03-4ef0-55be-b98e-78c224a7c97b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1120614-8eb7-5aec-9347-49f73c6ad237", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-beans 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed6025ff-b8c7-552e-8b14-9efb8b9a8b33", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97478921-e0cd-5bf9-89d0-7232b7f1283d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a739cc5c-4ea8-5d06-aced-3446169cca00", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa6cfdf9-c005-5829-a246-455216dd2e12", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4004d152-bbfa-562c-97a2-3f4284447019", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.3.7-tuxcare.2" } ] }