{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6eec498b-2a11-56b5-a0f6-eebb2b5614dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "3.0.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5a035a90-6f2a-5949-8f0a-fe98ba75d207", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c101f9e-a469-5da4-a146-9f32270326ce", "id": "CVE-2011-2894", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2894 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0477f1b-8c10-5d32-9dbf-17652c8189d1", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e71446c-ba85-5920-8bbf-4885b17e9cda", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef07e505-42fd-5f04-ad1b-06c04896b5e8", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4391e4d6-91e4-5a53-ade2-f469ba73c62c", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9517fb8e-e961-5054-a2b7-593a7175e2c1", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d2034e6-ef3a-50c7-87a9-4512a294b3e0", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c9de90a-cb8d-524c-aa66-ee86a1588f1e", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede4572f-8989-58ff-98d4-321d2891b2c0", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:054b5e1d-68ac-590b-8479-f161cf73e7d0", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90b4457c-84c2-5c67-ae85-7b849c8b92cb", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:623d15f8-f764-5d42-8d65-8435a339ff8c", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e1aef7a-72e8-52c0-987f-0a242398e931", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8994418e-b0d3-52e9-acef-a936933d4957", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1970555-64bc-5313-b494-b2a9f28e4eec", "id": "CVE-2016-9878", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-9878 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fad7b9b3-c8ca-53b8-aedd-13e32aaa02bb", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff87a6da-4b2f-5f11-b507-dc3e76a67d5b", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60d8751e-c7c1-5bdb-b061-db8a2e8ce30c", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85d2809b-c60b-5a64-97bf-bdc704c6f8a1", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3521ad0c-b52c-511e-a1ea-b6f49d18b5dd", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a798da7-bc41-5332-b77d-bcede87c31da", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fe036b2-792e-59a0-aef7-a35d84b2936f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d12b3852-5100-5560-ac9d-2a449ecce000", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e932f56d-3e0a-5394-b9b5-c3cabab7aa2e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06056e64-bc47-5c90-812d-8d54029060b6", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b53bb5a-5de7-5679-898d-53bdd9a9711a", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce3a186c-390b-55da-9b08-193c65ded083", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63ea8bf2-5f9d-5dec-a771-0d9d252a7753", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:329bee94-ee0e-5604-93c9-117d9263cfc5", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34f60925-91f1-50f3-aa9e-67f6d10b3b9a", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:464ffae8-f599-555c-a2cb-c75f9115c098", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04bf50c1-2ac8-57b8-8636-759691ed5f54", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8494b8a0-b3ed-53c0-a635-7a754e9e0081", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c3505a2-4d3c-5e44-92b1-48afcb53ce09", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dba9b90-11f2-55cd-a3bd-e7dca767036b", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc3d1751-8450-5a21-8696-19b83fe1a3a2", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abeb04f3-96b6-5996-8e70-76a8f06d7780", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5b45082-ff9e-5ec9-aa4e-bc29e0db5c01", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8e90e8d-345a-5065-bc73-8b3f87557abd", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@3.0.5.RELEASE-tuxcare.1" } ] }