{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fa8b7951-f16b-548d-b8fc-88e0d366c6cd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f1aea169-b890-5e60-9791-990fdab213dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdd7c7ac-7d61-58b8-9fcf-e02e68751fd2", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3c88817-1e4b-5d3c-8cbf-78f3de66c4d2", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64eb6e40-6c8b-57a6-99d8-7c3cd636697a", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9b4b8a5-1acd-5731-96ae-2fca0ba53302", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02ae5932-18ab-580d-aa44-c816dd52d96e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:584d6528-fdc9-50d1-8420-cfe4d615a96f", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc56a2ec-90d2-55b3-853c-d23a44bb51ee", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6db7fc3f-ed3f-5e67-a766-f6be78fcec4b", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba9e05e6-ab06-5e6e-ac46-f1e6109b41bb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f22bfa6-0a0c-50fc-94ed-73478b343220", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:590890a8-4c41-5238-b0e7-dc1dbb5e40bb", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a641e80-73c6-5a7c-8785-d98194d32b7c", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d708cc9-3879-585e-bfb2-bcbaf7707901", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c83088c-12e2-5f20-9c1a-e78bd72834e0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b99f2986-db3e-52bc-8854-aa8c7652c50b", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81af830d-0da3-50dc-8bc3-4ba65a5694ba", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:504f70e9-1579-5a0a-a5cf-dce42fcca032", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a9e97c0-f323-5982-9f11-a9ffbae3514b", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7cc9f10-0eab-5da5-8f53-d13a81d8a2d1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb1bf710-bd16-5f48-b719-62d42d15fa6f", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c462dcc-a5fe-5a09-875b-0c75d6ebe36e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd52fd6c-0f8e-574d-b5d1-ae044a5a1ecd", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.13.RELEASE-tuxcare.2" } ] }