{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a0004a89-f446-5f0c-951c-0e5ab57b3466", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.1.7.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:79b22c76-2288-57d7-966a-d64df71dd977", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36089bbe-1c9e-521a-87ec-6eb5e205f2a2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd23ecd8-ac7e-5c5f-b3f7-8d5f1840997f", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ff514fe-1a66-541c-bf92-21581e20b4d0", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbfe5128-09be-5aa5-9eed-2446faafcc5f", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ea632ec-2181-561a-ac64-e294342fb55f", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1975cfd7-b7ad-535d-b9d9-a8ef3b14b90f", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd89a673-9956-542b-89b7-b9ec8b9eb28b", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:400a5c17-eac8-5016-a34c-1906ca3d31f7", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2258ab86-a796-5cda-b2e6-66742822b7a0", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:658b396b-9fc5-52c4-98fd-a74d7ef5ca10", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3a1475c-2f60-52fc-a644-3cb20771477d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:737aaeeb-e30a-5582-8056-7ec052db82ca", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:077eefb4-e1cb-5139-8982-1732fb5a95d0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ed53b32-871a-5cd3-9e25-f0c8980ca23a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78011445-8c69-50fa-9d9e-dad61342f26c", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19802456-65c1-5ab3-986e-d95b2138f6a9", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd46d85e-b21f-5a10-a75d-e501a3817b11", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdd12bb7-d237-5911-bc2f-6ba599d00a77", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da7e073e-21cf-5386-80c5-d76d2bfd4c6f", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02a9ed84-4076-5822-9b91-5433f8b0b965", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3500218-1372-5e85-ac3a-be474f065829", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89f4144c-5c03-598d-8662-a39e2a66f62e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b110126-0bcc-5e8b-bdb1-36378cad39b3", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f35b85cd-c5f5-5ee0-b54c-384ce48abe9f", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f617be5c-2614-596d-aa07-e1734907ae0f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:268442fd-c5de-541e-9389-516d6c6c5420", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:826e41ce-1ce4-5a04-bf4b-25b82a73971b", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c955cb8f-a68e-5c4c-a929-34f3ee764dbf", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:889262f3-b5be-5559-aad6-8ced005c11b6", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.3" } ] }