{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b91b5e8f-6e22-5d0f-8244-4b8546e63959", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1f6653f8-053f-5778-b4d5-9afb98d6919f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f81ef54-88ba-5d5e-9c9e-3b6365a7b0bb", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4a5da92-5a5e-5cd0-86ba-c6a88d219823", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82788264-9dd1-5ca8-a911-2514abd2e4ed", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88750d5c-d097-5266-80c7-a4cf6ad6da69", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a417a1c3-a4ab-5312-823d-6fc7b6801d55", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cd1a556-6c49-5178-b171-d4b9d3e7cec7", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:505d5ecc-c8d9-5fb9-ba73-fbab358d895c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60e5d96c-275e-5902-aa59-5cb9b995ebfe", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23cc1bed-953b-5700-8c4f-b7792fa4f1ce", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5769f7cc-db53-5089-a8d5-518b281aa063", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:851bbb6a-6af9-55ec-8ac2-94a38d148fa5", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f767911-50e8-53dd-9df3-73538193fb48", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cc21da8-0620-5715-9592-4c40394b0558", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1efb946b-5558-5988-a73c-d88965d6f2d2", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2126fa2-5ad2-59bd-9ff9-fa78fc797c68", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a43cb999-a19c-5d3e-8366-1a39a080bd2b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b07d901f-7a27-5172-a08c-78d41de85cb0", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84b45f50-c1ec-5d60-b72c-465257e7beff", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f386397-b3df-5be7-89a4-e3881d631275", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6d93955-7ef8-5ab9-a787-f15522b1ef09", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5bb93cf-aecc-54b1-8751-efe3bc9f7a0a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a485e953-dcd5-5212-81ab-c991cbf33186", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bff78db6-cee0-57cc-8e30-5b7cbfd16977", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.3.30.RELEASE-tuxcare.1" } ] }