{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e0215390-ca51-5d88-883a-f1f672e152d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba2688c9-592d-5ddc-8717-7db83ad57126", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edd8e9fd-cb68-5eb1-9b63-82b857b4e1e5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afdc7462-bf6a-516d-b022-8e87a8eda556", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd9a7e1d-4180-5234-8574-5e7c3f453f4a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cc18bb4-d062-5bbb-9c82-30de0d382828", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdaa3fba-5218-594f-92b4-d131ef3b850d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7af2282f-5eaf-5ee6-989f-fabf3e8c434c", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4e015ce-366c-52a0-9759-2c238251178a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ab540d7-2379-547b-a69d-8e5f8031510f", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7d7d3df-1f73-5825-a7c1-86893851681a", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f683a1a3-2743-506c-ba3a-e346cd1cb82e", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fed3316a-e29d-58e6-b5ca-6ac3a56da9bd", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b341d250-96db-5e54-bb78-89b4de8efbf2", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65c3ddf3-ea18-5541-b7da-71a107440b65", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9240e4d6-c495-5111-ae96-f270fb72e2d4", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf074ed6-1d9e-564e-8a11-aa4171f47633", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11e831da-823a-5c13-87c8-622562cf77ff", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57b1546d-3e6f-58b9-9204-02a7c0f860b4", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90ff3a81-36ee-5809-86e4-5f79a198590b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88941ba6-a121-5488-92c3-8f478747b5c0", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5f434ba-02d6-5d5c-9faa-976e94fcfe6c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92f6c41d-6d60-5338-886a-65abda556055", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49d59b53-a6db-5647-858c-be2bea321bb8", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14017fba-0998-5109-8e49-831d64f7c506", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c400552-d01d-58d0-afdd-5e639b3209eb", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1471c02c-5b65-59a9-89dc-9d04d6149e64", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb4a9b8f-0d57-5da9-93d3-a7765b218206", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdb23b5e-af33-5fa1-b36f-41379e48ed60", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d2ffd6a-8869-5132-bea7-a65c7800ac27", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.1.7.RELEASE-tuxcare.2" } ] }