{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f7b4be2d-542b-57ca-be88-f58c33565331", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:df62b1ac-6643-523e-a442-5f459726ebc7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:967441c7-b2a8-55fb-89f8-ec2f04a17eee", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16b57134-b755-50bd-b577-842d1d13670b", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e88f63f9-5a14-5111-98e4-f2a557669dfc", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1affa4d-0c07-580a-bb34-b1551c3fc545", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:239539ae-9572-53a0-a649-5462c7f13f63", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9b27572-dd75-5229-81b4-198a0810a0ce", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d68135e2-344b-5271-af10-dc697f158ee1", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4103a3bb-3faf-5ba1-b110-baece9017735", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08f5ad83-7d5c-5b53-9788-bb1dd8be8f37", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6cc5611-92e9-5bcc-bf43-e3fe7cf80827", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:930ffd9d-3c8c-5921-9033-95529ca5398c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47d5be34-911b-56d3-9551-760e72ad0e39", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7128ebc-bd82-5032-8d48-5ce321512c7b", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5a445ea-4111-56f1-be7d-51359f4efba9", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be296275-888a-5ca8-8e2d-d90888fd7d29", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0221a46-1870-5c6c-b2c1-62cca0f3a7df", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94f5a4e6-2a42-51b4-b666-e4c0987c50b1", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:baa7a356-0852-5807-8176-930a48d7ccab", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed9ba3d0-b606-5589-8146-a0aa0b067e24", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01809c5f-febe-52f8-ba29-14476db5f012", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b7e5615-f54d-5c66-9ed6-788fbcb14270", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.24-tuxcare.2" } ] }