{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:35d29099-1c59-5db9-b561-8145138dd520", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:403a5915-1344-5ffd-8903-95ce9162a2d9", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2417331b-5234-51be-b65b-9fa871098a8b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64001628-a6ad-5bdf-a2e0-68c85bc1a6b6", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4aecede1-f3a6-5206-bfac-6fd68be61bca", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17f96a72-aab9-5be2-8eea-982a201bebe8", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:796c74a2-2bff-5d8a-986e-1f467af12f36", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7f64aed-b498-5318-9cc5-f522ca395f7a", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18b8974b-d39d-5c95-8ca0-1e5686ee446f", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9dc417db-2cf8-563c-acab-4aee11a59f9f", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76d9d685-3de7-5623-aac1-a799cc6988a9", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bdac33d-8892-5c1e-b2de-7474d377bdb6", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98a45288-c148-5bfb-abbb-e8dc49d4ed26", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bba6ee7-aa64-53df-8ac3-b7018a711575", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec797a69-266f-5ede-a32f-3acf5ecc9298", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5668f04b-7a54-5590-aec1-8b0e96aaf49a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a27f0202-b872-50e9-b8a2-29bb3164149e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f4025e0-de66-556d-ac51-0850e48ada6e", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b6dd928-5cb9-5b28-be7b-d084568f087d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0558091-a6df-525a-9199-a446853f64bd", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7d2f81c-88be-5568-9b78-c755d07a2891", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16439920-b0ba-5fdd-962f-f175de3232c6", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6a19e28-d0ed-5bbc-9114-2e224a9c42fb", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92500ade-653e-5bc5-8d8f-565839590340", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a138dbb-da86-509a-b48b-dfaaeca553ba", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8280b0a-a736-55d4-8fe5-2a2280b42f91", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:084f8e79-e151-57fa-85c9-16c9857ec504", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d815ec46-efdb-5a03-8d8c-9b570721abb2", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0ef5b1f-a0b0-5cd2-877d-3fb60d1bd7b8", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bfcc5b8-a164-5734-ad04-8f0948bf3f44", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c48fe11d-51fb-5778-b9cf-89763c9cacf6", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.3" } ] }