{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:99372538-f3c8-5066-8ea7-70e65f155037", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:23018e66-6c3c-5b60-8dcf-385785c522dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38081f46-be3c-52a2-be6a-1f6760fa0686", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6fe2963-7ab6-5761-8d26-a6af358cd3b0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec9274ec-15f9-5e15-91a5-8376d79dcc95", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6455a215-f8ed-51d1-9d07-45db153025ec", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cad8e72-d8e9-5e23-97dc-d851ca2cf0b4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d271ab15-9cf0-5930-a809-aefb377716c3", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aad65786-0969-5f40-a297-c066209eaa36", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e19d246d-51d0-51bc-baad-2c40df882fac", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25d72496-1632-5802-9b66-d61021a4e7a2", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d15bf519-42e1-51dc-9248-a1d7110f2ddc", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6be9de53-5ba6-5b9f-8384-f10731b3de50", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac38c44e-6dfc-5760-a224-7a708d494d28", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:620025fa-a855-5259-88d0-742adbcf1dbd", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5fa68e9-c479-5509-83f7-0dd8f534270a", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8012c61d-d4d5-52b1-8a8e-7b47eaa373a8", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03385f2e-9dae-5aeb-8c68-0fdf53d651ba", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-instrument 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2380556-4b41-5a10-9acd-2a21e231e3b8", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7fd336d-6bfa-5bbf-a69f-166b063c437c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f41450be-4850-51f7-a544-598084c36bab", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9aefbaed-3fa2-5930-adb4-ed119e8fadbb", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fceb1b6b-d651-5eac-9480-0526ed4a5568", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0963a69-b727-55ce-aded-8ad18efa2619", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b65c5aaa-a33b-5a50-8e70-2687648e5721", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8c25c4f-acb7-52e1-92c0-d5267d9729bf", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.1.5.RELEASE-tuxcare.1" } ] }