{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e2949a6e-53cc-5a26-8a76-9d6aa40ef7c4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6db0c353-2f2e-50fd-b697-9ac492f3a219", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6e46eef-178f-559a-997c-4a87027f3a2b", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b799fe3-7b91-5b98-967b-3c68556b9911", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a03b9e1f-6998-508c-8545-065cff8a8bc0", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79292747-cecc-593a-833b-9e16387fa414", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c790da60-8b22-5928-a965-62f925786882", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d0914a0-300b-53bd-af26-bd485b9bffbf", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:163a8b1b-6f48-501d-8237-8efefea542eb", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:977ca876-f683-5a1d-883f-2895f05ed1d0", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6af30410-d66f-5dc9-8d24-9849baabb3e1", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bf42e5e-d6d7-525d-b771-dc7974521acb", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ff9ed72-384b-57a3-a6e8-5d464366efba", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae4b8ae7-f285-5549-8b17-d879846c0432", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-instrument 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ba4d067-f2eb-5a7f-b827-c3d6fbcde84c", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e121409e-7b5f-57e9-92a0-431bedfb7941", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22c7e5e5-6179-5ba1-a915-bce423fbac03", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29179325-5e97-55a5-8fc6-db91575857bf", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7400590-9114-5707-b65f-c5ca37e21e3a", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0241c1fe-af36-526e-8e8f-70207d5fa0f8", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49b3d38f-1b83-5b25-9f3a-2d88bab08f2f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84f5737f-edbe-553f-acf1-62f18b9ef37f", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3a60c7f-0c1e-520b-a0b1-22d59ca95d0c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4935cdee-1352-5d85-92d7-e69d241d113a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11a3c345-7e0d-54d8-8816-dd273815852d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1973e420-7f74-56e1-bb55-e1c90b320d9d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28330894-8437-5da5-8425-d1ab97bc98ce", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43a776b4-3418-53fd-85dc-94639133ffa9", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93311af0-7ca9-5369-b3a0-4e995cad47b6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:959cd3b2-6139-5c4c-a5e7-0c07f086c52c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c8c4083-4706-5146-bca1-c79f271bbb25", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a30a3088-3708-52ff-802d-e3d43a68841e", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51ebb448-151d-5dc5-b989-2c0ac2ea58ee", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d3e7b3d-20a8-56aa-8148-5888b27a95cc", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba063580-9e7a-54d2-8387-1a83f65d743c", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e38b7bc6-2f8c-5d3a-9463-412daa6ee026", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f55fb1ab-b4b2-5e20-abaa-dec7bd33059d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db4d4a90-2852-5558-9ff4-da3cec4eb5b5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91488393-964d-57a4-bf8d-739ba7686241", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22ccb562-8f1e-5e87-8ad2-24f48dd068f9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:457f15e8-9b76-511e-babb-001f91d7d25b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.0.0.RELEASE-tuxcare.2" } ] }