{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4d8c330d-8c3b-5875-b028-82d5a2982de7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b94d58c-d6a3-5da9-a9da-0a23d9b5f77c", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:885fd985-2104-5fcc-a0b3-292f42c3f0a4", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1e9d8b4-86e4-500d-bc99-f72d6ed637e4", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5de74f0e-f4f6-5732-a9d4-7f8c4002f283", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f850878-c98c-5b17-96f5-3275432d0d3a", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41cf13e6-6187-5360-87b3-cb2353d8c774", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b414dd1-2a28-56d4-9c06-49aae8037c39", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f290d2d1-b533-56e5-81b9-61952e4b7b0e", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ac12417-8138-5b24-b750-b1d8f718516f", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae04d62a-7c24-5ba6-a21c-d4b49ce4ad42", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d223fb3f-44f7-5202-9c3a-00713a5bbb01", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f8605c2-fa0b-5de3-9462-5ae7e95fd12c", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d7b36f0-8db6-532d-84db-605218d5d6eb", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:114a8988-3e3d-59e5-bbdc-717c4d974394", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06eea5ac-be00-53f8-8470-835e4174da21", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:117ddd14-efe8-5e27-a22f-fba265135764", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdf4e919-30ba-5598-a95e-6599eca671bd", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10d7f3dc-4740-56c2-bd05-d57044ae5f05", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0d3704b-358d-5204-95b1-2f8239172805", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3c8a78e-1178-5d9f-9cee-31380da78867", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f126d579-1012-578b-b3f6-49c6c61b77a6", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:101bd52f-09b7-569b-939f-1be8a26a10b9", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03896ee0-1c25-54f0-8965-a89b013a3e4b", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef48d078-228b-5127-94c0-3530db653e42", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b3c1df7-8983-5fcc-8a19-329d14e74f0d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9fd0afe-4bd6-5e2c-ab56-ea124448803c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c0e1384-d79d-5a5d-8974-728b27137274", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3be97653-6e4f-5315-8c35-1da69b2c2b26", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a74bc8e-92e3-5f19-9aaa-c21a26f2ef91", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3404b2c8-4d32-5d9f-8ea0-d8afa94106c8", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ab1cfac-eec2-59ba-ab18-1c67b18a401a", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6eb19ea1-4b6d-5d27-a2cc-ab28e67ff89b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ab07753-8471-5fde-bda7-8d5e189938dd", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a4bff73-2aa7-55e6-822d-30ae52813127", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11db5e99-94a7-5c4d-b755-9106eb15cacb", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:284a27a9-5410-5e46-9381-8aa6f49beef7", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08625131-d73a-5be0-abf5-6b4f4fc05e99", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a00ebf1-c364-5dc1-bbde-ce60fb3594be", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd1cf43b-1554-5913-aec3-52e0c9c24533", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64dcbae7-ef2d-528d-9274-e7bee0ae12ef", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.2" } ] }