{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ed6f799-108b-5382-afc8-c62817258a29", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.1.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8fb586f0-ba71-57a2-a4f1-7018f4e073a7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d2a3ad7-8660-5a52-bfd8-6fbf20433861", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3849980-8225-5980-b1e3-428ea2b6c2bb", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91981671-3f1a-5871-bbee-9c18ef500ba9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e0edf36-d852-5912-beb4-dd45782f5a34", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ea4ee80-fca0-5b95-bce5-2f41295983ed", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fb956cd-9a78-5b41-90ae-5758a7cf4016", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4655f19c-56f9-5907-ab78-3d5de1ec78a2", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97e0bf1d-1987-577b-a1a6-c802b3ba2761", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a64a0b4-7dec-5d4d-adfd-df09f51205b4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6bd1802-9323-5cb7-a4db-cef872621524", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:575b8428-40e2-5d0d-8cb3-df4b34c53a4d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96443b0c-d898-52f0-b67d-9f5074050c35", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c460e5a9-e02d-5103-bae9-0b84b2d50c04", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2226ef44-3fc6-55c6-b5f5-ef32444913e8", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:960cf776-bd27-529c-9f37-17f3aa3fd214", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd719ccd-8765-547c-85c0-ffd9bd418e63", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-instrument 5.1.5.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a42c8d54-3d29-5218-8751-f93d5bf7cc79", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f08ff73f-8ebe-557b-8870-67b8e9bf78ed", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1b2a391-8d7e-5654-bf47-ed3eea9945a4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dec2ad75-cd28-529d-9d7c-c6f4596c33a1", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d86f27e0-3ed4-504f-861d-51802c189662", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf8265c5-76ec-513b-b95c-8d0b7abb763f", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8e25c6e-5917-5cc6-a70a-c84e77760474", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38e72bc7-808d-5539-ad4c-8d38a96a5c83", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84e6a0b4-d0a0-5f39-a79f-5c0abf35afac", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59e0263b-f583-5bf7-b7b1-6ab9eb6de3d2", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f768b22-23c3-54bc-b1e7-9f2590b2d586", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:266e3b1d-5a9c-50a9-b165-2da4b6a2271b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e30e5444-394f-520c-a0bd-56f75996b4ce", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b6d9d39-8ff2-56a8-906d-7dbfc72ea134", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:951e0bf0-e7fb-5707-aca2-6f7a41177c3f", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81a4eff0-cafc-5037-8c93-f97f38b243f0", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9dc3af4-6b4a-54c3-9696-5d259a32b77d", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b02781e-c213-5094-a1be-8c20dd3115a2", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e5d4841-5e79-54f0-8aae-5233ef82d109", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eba3afae-6324-560f-a6d1-a7b7b8683f7f", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e007e8b3-57a7-5f6f-9668-6fb3b9a25522", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe1afdcf-179a-5d00-accd-a87edc118f57", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:753c8ad3-e3ad-579d-bebc-bfaea102c1d2", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f88067b-0be8-5c29-bcaf-18333bf13ade", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c29276a6-3e26-5192-8ed8-704da0366b7d", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f95e9af6-1a8f-51fa-bf72-babc207fd4a3", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a195a0e-fbba-524e-8343-589188e0d7bb", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8810a4d-a886-5852-9b4b-dbf961415987", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60621096-9a7a-5d27-9ded-be33cf979d8f", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.3" } ] }