{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df0f91ba-9695-5632-b27c-a8406961ebf1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "3.0.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6448d54c-5976-5d41-b52a-798a057148a2", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0abd7607-de8e-5047-a5f2-fd10dd588fe8", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aba760f3-fc08-56b7-9e63-67141171d299", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ad2ebd7-0c3e-59a2-a804-683ce08b9689", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cf25cd8-641e-5b68-a86c-b42432777eda", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:339a745f-33a8-585f-93eb-217bb6a23c87", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8302dafe-2773-5100-a14d-c1b8857e78a2", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbc164b3-694f-570a-b601-6c07195cc27c", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a496c62-7ace-5d49-957a-d7abd7e13711", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:074948d2-2eed-531a-8994-46d44742a7dc", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dee4e67a-e30e-5aae-86e4-e48e48f21ba7", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b8d0027-345c-5a61-887d-3148cc5d8382", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9b7f0b7-a75c-5eb0-a59f-542091c9eadc", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f67b87e3-86cb-5bad-826c-bcd8a5f35d55", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adb680d2-f850-5ced-9113-57f95b3eb59d", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4e34444-037e-591b-a825-ab1a948884c2", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0704b7b6-e172-552e-bc3b-11b0c58c7493", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f373c6c-b954-5a24-b910-233aaf797c23", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36cab515-cde0-5890-826c-ba852b2f95da", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a9dd825-3b7f-52c0-9106-510970a6a3c5", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:073ad16c-c537-55ae-a65b-4923415f77b1", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd2ec2e6-316c-5bd6-9542-1ebfcc92775f", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1dc03cc-0b49-5b86-a059-b447ed992852", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c9bc1d8-022a-57b6-9515-78dbeb129d79", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5cbac14-0490-5171-b489-57355a1aa3b6", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d242fb6a-8e32-5ba3-9dcc-386b4c4a77e9", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5abc5ca0-cd22-5bc9-be3c-480c7495ce13", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0375a4b1-b81d-5f97-92eb-d572e1e58da7", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae4c5c01-6271-5b20-b010-bbdaca023249", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acfaea7e-88d3-5d10-8734-cd3dc7148679", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3e970ae-7747-58ec-a1f7-463c52bd84bb", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06226e7f-95a3-50e2-b7d2-c874621c8ef0", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e3f6c82-5438-5409-bb5f-5068a4b1d521", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e14f2cd9-a089-547f-a83a-ad20ba2c110b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dce4b46c-cea2-5b58-80b4-546fbe52f8da", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6480717-a586-5e02-922e-1922e6696288", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2e81861-9ee6-5077-ae68-f418283d6d63", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0578921c-a7a1-5bb9-b321-808dc928d099", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b23a454-c85c-5fa5-ba37-f45c5115d2be", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39f565d7-64ec-598b-bb3c-1ab070044240", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.3" } ] }