{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2bf6cdc-d826-57e7-89ad-fceba0581f6d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a63786c8-8615-52e1-9766-e1e760564796", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf836fc4-cf00-5aa3-991f-19f85bcf01df", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b706d85-03b2-5c9a-8343-b9be5d4da67c", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02e57b7f-5e97-5b04-8a15-fcedfedbe84d", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7baa1404-4da5-5bde-afaa-a21f057c8a8c", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f9d9b93-c061-5dfd-8c5a-9f936b12bd85", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf205f33-985f-5406-9a5f-3cbeeaf80910", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fe93521-8278-5dec-925e-5df991c4d5d9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d25962b0-fdcc-5707-b0ab-fbf5b752a798", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b3d2e49-2fc7-55be-997e-a7c2f2de066d", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:339f9447-1871-505a-b715-c1b5371c43c9", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5e6bb03-87f6-5819-9784-25bf2fb7a2b9", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93cc3d33-18b7-55d0-a801-fc87a641d251", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-instrument 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f18a1da1-def6-5592-a9e8-be515a2b3b78", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c31b434-8afe-5c8f-be4a-d2b77398abf4", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffd1d55e-125d-50c8-93d5-391472a390ed", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:890cb0cd-3894-5e0f-bc18-2bd764826c35", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f60d47a-b4ae-5991-9b94-8cf9fafcc049", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc7be1ac-d759-5a4a-8e62-9c99f3ea943d", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b953b06-97de-50d3-bad7-55d0be60776c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66d15d42-57c8-5961-a5cd-c164921f9813", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62c9e9fc-5acd-55a1-bd77-f4bf974d2ac0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8825c2e8-a9a9-5c32-8636-0571e93f6140", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5ece527-8d82-579b-ae49-80d2f072bb4c", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:415ac603-d775-5c96-bdf4-0cdd6df38c59", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9b41b04-2259-52e7-b66f-b053102ea4be", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea2b0ad0-0590-5249-86c5-413d1f0e9256", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae5b8ff9-06fe-5381-be35-aba039b6c22d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e1330cb-48c4-5a9f-babf-65d68ceb5aac", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efe68b77-e943-59db-badf-e79e8ca911f6", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2990fc3b-9094-55fd-9ae4-7cb1b224e552", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ab2c621-440b-50fa-936c-fbf8e7644f23", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a19b9b7e-9071-57d3-bf4a-c0cca6546a8d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c5c99a4-17a5-5e6f-93b0-e8dd46a19f60", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61f5d344-09a2-5f93-a25f-9e152d1fca95", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d403a24-e512-5ef8-b1b5-89e077a067c4", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:487fa32c-44e4-5f6b-8e77-02ea67b3feae", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b04148e5-a026-50a1-aeed-e2587ff7f028", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:056efb4c-f478-5b9e-8941-7f6835f581ba", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:156d7dd7-a374-5812-a15a-53176d32b0b7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.1" } ] }