{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:18672b0b-5729-5d62-b45a-ac5e08673c0d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a87ffcb5-f878-5ba5-be03-447ea9c6be99", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c01cf22c-c5ce-5d56-8d48-145380f22391", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb51aa08-b054-5e5a-8425-84d323a79d4c", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d10f518-752b-59f3-8b39-4822c39af454", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21b25a43-dc2f-5bfc-9778-b392a7b64ff5", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b13bb73-6523-5b22-9706-e2684f98f4ff", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a893ade-0d75-5e52-987a-f2a28984d97a", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d4b7158-bc80-534d-95e4-224eb3b9e5d2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e3cc778-d127-5f3f-97ca-6e70564c63b8", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a74adb6f-16c2-53da-844f-1ce56cdffc2d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94e92a06-675d-52a9-87fc-fa1b10e6c2fe", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26ca77eb-5baa-5ec4-a916-18efc05bd205", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:266bf9bf-ffc6-5986-a1f8-ed96c9d46d9b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba92887b-83c1-57f2-add2-67e7d114a568", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63e281ff-0f8f-5b9f-b64f-8d5b894556ab", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:807de2eb-3c94-5e50-972a-b905930d9e8a", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c48065d-3c98-5479-8a22-0307016ca722", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d43059e3-bf6e-5878-a278-8715105d514f", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:148bc64f-b173-501e-ba62-b2329b9cf4f6", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:316dea18-e233-5331-898a-e9911fcb05dc", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:613265e5-9adc-5ea0-9fc8-27cf281556ca", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5c8d214-3bca-56ae-8eac-34b7b977a315", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44344056-dea8-5641-952b-cc5f56a4520b", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f97d4dc0-4819-5304-8f55-e5132dbef58e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77559c53-aba8-5af1-bbe6-fceff7f52865", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.3.30.RELEASE-tuxcare.2" } ] }