{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:38d7bf30-5103-5d2a-9c5a-bef92b9a0446", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-beans", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cfd75696-a4f3-5cb4-b47b-0ac5bc9677aa", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b49dfd00-5f9d-5b8f-9919-54b543874528", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2405eea-cca7-5e57-9dc7-4abf97c4c7cc", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c07d3eb-badd-5be3-aa63-fc3aec2b1451", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a3b2f07-a079-52a7-9d2d-4d9993b84506", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2e6c93c-cd60-537e-a100-1fb06c86a78e", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8039726-9314-5ce4-a463-a500edd57b00", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a668a19-6b52-525f-994a-68309384df91", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b2d7a29-9ce9-5542-8bda-354ce4b18a5f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0242faaa-b5eb-556b-bf8d-e2203a79f57e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:470a5beb-2fa0-59ca-ac58-2db0fccc4681", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e658c3b1-969a-5425-9b40-5bf93e103c28", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:913612df-0601-5d0d-af41-f2e2d7994b8f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:693a7dbd-a446-5f63-8843-7bb9988704f7", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b451861-055a-5cd5-8acd-27bd4126aae2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c71895f-5882-5cd5-af0f-b00d153ab094", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:810ac14d-7ae4-5cbc-a283-edf887404f72", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39cebd78-8565-519c-8c65-bfdc4af3479a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfe5fe57-3739-5588-bb4e-75a43bc1a1ee", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-beans 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31a3d5cb-0a7a-5907-a805-9a81c0db398c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:219f396b-efea-51ac-b2cd-b26d6430113e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:408f4bb7-8c47-572d-b961-a0a968ebde6f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91e95a2d-30b0-5ea6-a6cf-4ace79f7b798", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f654647-a551-5046-9e1d-7b7bfc761c50", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-beans 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18766793-af1e-52e8-bfbf-18109a06e588", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:798e8676-159e-5f2b-83df-f4a2f7669bff", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:568f2e0d-9a83-56e5-bb62-be41515ca86e", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fa20dab-e1b2-566c-8898-d7fe643e2e81", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:582d7da9-feb8-55c2-ac4b-f2d2a30ae2ba", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0217a946-626b-5751-8ea8-d3b6858e1398", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:242cdce9-8f72-5404-ad79-e8b3aa33bc4f", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67e164f2-ef91-5333-831d-7c668a4332b9", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7cccc19-25f3-5be0-97a1-e27c2f48aed6", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b78413b9-2a46-557a-854c-db8d1d4321a6", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c91e7cd-6497-515e-82b7-b35b3004a871", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1da68e06-e224-5100-abfb-a16b7055a4fa", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3b63d50-ba28-5bdf-83e7-a999be17c4b1", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9c75b18-6783-58fa-a1dd-c325ec65f92a", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0efece53-0e70-5d97-b173-e7c0d82a2dc7", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3efec4b2-467f-5cda-9fdb-4a57e19e8cfe", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f9e53d-d838-550a-82a9-c34af8b405d6", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6919ef2-3e6a-5e6f-9f54-be5bf3b817b2", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:368213d5-c76b-51bc-89e3-5d4a7193c690", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f69bf918-3e14-5431-8ec3-c3aa38ab7af1", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0da13915-b15b-5af5-a655-dee4e226cdae", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-beans." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-beans@5.2.0.RELEASE-tuxcare.2" } ] }