{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:79b840f5-c272-5a25-b507-491186ac7307", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:af953e72-5ca0-5e5f-aa89-0d5ca24b4c39", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18af0ccf-f156-5407-8ce9-306d282df195", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ce6319b-eceb-52a7-b3fa-50d67fb0710a", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b97165d1-0268-59df-b649-fb47594cae41", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e595286-0ea3-5f0f-ab98-356b7b5c4f9e", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba49c899-e74e-5b3f-ba7b-8949d24377bb", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7dccbaa-9437-5c78-8b57-783d335b5b31", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3f200a2-5c93-5b08-af6f-7e260ed4b553", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e8c59e9-2257-551b-8590-3b0f8101c186", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d4ba26a-ebb4-51fa-b362-cddaa517438c", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4034b5e2-2568-5bd1-9512-410c73811f35", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a507dd64-af31-5bd4-8c1b-adde53ef42c2", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68c26da1-4623-519a-8ad5-863908012810", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bafc4b4-a49b-5ae8-af45-758a8d876fcb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c172355b-d173-59bc-a4e7-d814997bbdd6", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d3b0101-a1b0-5fff-bb27-fef790e5fc07", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c209b86d-60de-593b-aa24-e7ce09547ae8", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83132c30-61d2-5306-869b-f52707507198", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c3f5d9c-3508-595e-ae4a-62104496efa0", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f57288fd-6fb5-5b91-9d71-9e08ffffea90", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff5e9a3d-3ed7-5e38-8b71-3900d70bf5d3", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1857772-6a16-5757-9b69-42c83ba240b1", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dcbd479-5b94-51e5-90e2-e7924fefad2d", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:025e8c64-b285-521a-834f-f92489d95779", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45e30aad-c135-5977-9c93-72bd7c89d820", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05a6065f-1155-5c85-9315-013f66306f63", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e09b674d-2aeb-5c28-a0fd-746382b34b2d", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9407d5ce-3d3e-5c45-8747-0c5dc1d924ed", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f1903f6-8912-5ba0-933f-3033da309707", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b9ee793-6f7c-5797-8e14-e9c21a266e01", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1760db3-9eb0-5bb1-b739-7578711129c3", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95c422a4-269b-591e-94ed-3a8b4cb7922b", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27431aec-118f-59a9-9b57-92d914d35815", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63975616-dd5b-58d0-a93e-d5ddb35291b0", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a66719af-a8e6-55ff-9b90-8faf46063812", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de9b470d-9681-5edc-a12a-4c1bc0482000", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8802bb74-5d9a-53ca-ac9a-58b88610ec09", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d3124d9-97ee-576e-8697-684fe154f1f1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8312ef58-f490-569f-bd9f-6be9262f489d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:867340ca-703b-5f65-a55c-91437da6e69c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.0.5.RELEASE-tuxcare.2" } ] }