{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a092cad9-91ab-57de-a46b-80f26c8d8a81", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:386c3cba-140e-51b4-b307-67ff56bf5204", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8b88606-b94e-5757-be55-5f5b67787044", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7e10c69-dd3d-5cb5-9d7d-4bbf9cfd5c65", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2093c56e-7d9b-5809-8113-505045368e84", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9673cd8-860d-5851-a5e0-aa3f852329af", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1fb31bb-cf09-5c76-862e-7fabd85be67a", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:941705e1-4256-5bf3-8418-e15357271548", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7a49357-8e2d-5b93-8c18-1ee513bc3858", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af88b0b4-eab8-5e7f-93f0-7d3dd67972cc", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:395f6fc8-6de6-51dd-b854-8169b7cfce51", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac330e2-5f4e-5a44-9334-95213aa12d69", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b2e327e-ef57-5750-9ce2-5300aac11930", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7997249-8f6b-5f4b-be2d-fd66d8a7cd8e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8b4f584-5ce2-5171-9d5f-bb032687d72e", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d7f0f63-3678-5364-8576-43de3327cdcb", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4a362b1-e57d-546b-bc42-91c845c4cd7a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56c97739-085c-5147-ae2c-0f42bd422600", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2beb3a34-bb15-5cef-bab8-f67e161d8b98", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0dc447e-1455-5f9b-a58a-891d7710bf89", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19aab4ab-e4b8-5247-b38c-08884eaa057c", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22c798ba-d0e8-5c4d-811b-074a5c909597", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bf4c8b8-b990-528e-b3eb-c56182649bad", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:284267c4-3d27-51d3-a8ce-61d94efa2c70", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c9320bf-42b4-5ba4-aca7-bbce6fe4bbb7", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c81f8a0d-2ede-5b18-978b-4b654036b412", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64961d07-3a95-5271-861d-39b296986c89", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d23d739-d655-55ec-acfe-842d3e4a73b1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5c96ad0-07ab-5bf3-8b70-b4b2e205badf", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04de7b35-88af-5ec7-8e37-0e75c4003067", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.1.7.RELEASE-tuxcare.2" } ] }