{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:71511179-1d3a-59cf-b2c0-ffee14e2c4a2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d05825e-1e1c-518a-9281-2bdd8665dbd3", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db9760d1-b406-5312-a5ea-551aa8527b0e", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ca85d4a-4a57-5955-8667-19bea9814992", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:953368d4-90bf-5c4b-8361-925252d29a12", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3184d392-ba3b-5bff-a6c8-af0ad0db58d2", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0b75e24-6148-5e86-8965-94338bd21890", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d27904c-fb6a-5b44-b30a-a9488cc67134", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e952361-0567-530b-a8bb-902d27bf92fc", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b135b1a-5c98-5784-bd76-1d042f623858", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:445a1de6-b693-5ca0-9185-93c68b146ead", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1edc0076-5fa4-5af1-a65f-22219a4f4659", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:027ac22f-3618-5446-b0a5-fd87fdf789fa", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79d2af8d-cd1f-5908-bb3b-39839ff57597", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.4" } ] }