{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6c298377-4ac5-57dd-8e72-0a8c8609cc83", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1fc693e-dcb9-5369-8ca4-042aef29f9d6", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40748889-62c1-5630-a232-574c9b2a3615", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97433d52-5a4a-59e1-bc3d-4ee0d4cc869a", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af851d63-1846-55fa-8832-4e898f6095e9", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55e902ea-5926-5328-969c-5b73863ecc50", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9b94d90-1809-5e8d-a0ed-e75f00c0c688", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98acfe2d-5ad5-5dd7-9472-ab61edbb0c47", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29366522-8e75-5e72-b717-f0fd6ffb9cd0", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:517a87ba-2ab3-5ce6-a338-684df7ff0e78", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c70254bf-ad25-5270-84e3-a8b1cf77979e", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63dde1fa-56e5-5282-a144-284b03e590ee", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2cac371-5aa8-512d-9c35-5c14ab8a27de", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3bf0c35-a875-52bc-8d17-fce789dff861", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e1621dd-b9c6-507d-b85c-cd629caa3731", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd2a7cbb-6003-576b-9cea-3de4d27d2cb0", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c30b622c-9b7a-5786-9744-16aa16abb0db", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-instrument 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31fcf7ba-d7ab-52b6-94cb-38cefbc7f8d4", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-instrument 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd72fccf-9381-59e9-a504-0591b576d7d8", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-instrument 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:314ee2eb-7cd2-51e0-befa-21abf041cae4", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:984cb6cc-fd90-5f25-bfc7-6ac4ae706de9", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:083a71d0-516a-570d-b683-e949c130b8a4", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:408877d5-ea4d-5a51-8d2b-953641e0ce40", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66fbc0cf-f71e-5d47-972c-3a2944b5c450", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d261f5b-a283-59ea-a0e3-b336cdabbe6f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3ca704d-c063-5ad4-b810-192a72f3d711", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b2ce8ee-edb9-5159-9a05-168020deff71", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0b0663d-fbaf-5d9c-a619-31cc2696970c", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b75226d0-bfa6-5b75-9851-c852457b8cd5", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f94fbf13-5862-5f90-9e48-427a9a06d5a8", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ce7d6e9-3f5d-5050-bc6c-22f58ff8be86", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa60a38a-680f-5c66-930b-ece31b5f1368", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:933d4224-9821-50e6-bfb9-2486fd46ab9f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:598621b6-e16e-5024-9d63-a46aea977b3c", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56d0a438-2414-513f-a90a-ba084e2d7d98", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4cda409-8bec-55ca-91a6-4d3e4133ca0e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d6db52d-ed5f-59a3-b6f2-8c36130cdd31", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce6188fa-677d-5843-8caa-80ed71ec11d4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff9c42a8-5869-5e2e-bd7b-7e9e81e43f67", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fbe4bb7-bb7a-57ae-bf7a-e49960f382de", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:078f52d6-192a-59bd-b5f9-2491ff583aaa", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-instrument 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a637fd0-0480-5466-9376-1e87a0b0ac8f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87bae3f4-7d95-5227-b383-b09ec823fc47", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@3.1.1.RELEASE-tuxcare.1" } ] }