{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bd9bc398-e85f-5a0b-9c1c-b8b0c712c62f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a6e870f9-4aa2-574a-bfb4-b753bcd945bf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e8da031-6c81-556f-956f-d9b3be8ff53b", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d9e9a74-6311-58a6-9da0-d10479fd809b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e057a854-21da-5003-9505-960654d73774", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:649c1285-c0bd-5ce0-a433-9c9b28c7202c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b820e834-5412-5aa3-b6f2-fbed9e31eb71", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43dd5789-f19d-538c-8b96-0af4ec0eb16c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ee9260f-c8a4-56c4-aa1e-d767a163beaa", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b02517d1-c51c-5a0a-9052-48e309df465b", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f3f2afa-2ac7-599e-ad92-29745acad6ab", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c1015da-0caa-5b0d-83fc-d0572d074df0", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94733749-7d19-5d22-b78d-9a1564f941ad", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:752a5f31-07b5-565c-b598-a6fb97d3aa07", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a18d354-3c9b-5cc9-be53-441a53c247be", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53cfc937-4b28-5925-8741-fb25671f753c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:250d6645-54d8-559b-befa-1ebd5ea0b95d", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a884a30d-0aca-5eb7-a368-89aacc2194d0", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83548c6b-badd-50d6-b06c-a69129d39c72", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a45e532-4009-5dc8-825b-de582c1cfd1a", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1b75183-c420-534a-a56d-a17b9eae417b", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0197e00-0ba6-5b41-9417-115c73492488", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfed5f29-0c56-527b-b11f-892831616267", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }