{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a16db27c-19ca-5420-965f-937530a5d9b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f7b6cc89-b26e-57f4-ba60-94d48d9f1ea7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9a065e2-4d96-586c-9644-6d20d119d7cd", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c50372c-e2f9-5d06-9bcf-3b6c1e92c683", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8006bc1-07ce-5b88-824b-6f3d7f21a811", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f74fa4a-9713-578c-a6b6-88477f30c540", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:befc7bc3-25a8-5eb4-9b4d-8f8df97797f2", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b30776c-a944-5f8c-b287-f7e77052bea3", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:311072d4-aa43-522a-9158-f5d6b8eb87e6", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0db109d-7f77-5d29-8537-5c0d3921e290", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:482e9719-f42d-5836-be19-c603f6506126", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc9c34e5-1ecd-52c1-9054-69de00600dd5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61fef09-df3d-537a-b71d-3ba52e899693", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79528363-96e8-5289-b0b5-688dc48a0879", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15dfdf3b-5839-5612-97cd-ecc71ac692b3", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a7a5129-ff6b-50db-9ec0-4fcc45a41eda", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddab6919-2a24-5b25-935c-6985adadd8e4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a11ef3c-f41f-57c6-aae3-ecde3314f2ce", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b276bd5-8a70-5d8d-bfec-d93f5c162285", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1eaa8ed-bc4d-5b46-a814-76a78abdde03", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa45c209-efce-5e59-9ba0-cdb971335906", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6035d6be-2a99-5c0b-b748-52f7de301b99", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0ef2b4d-b1c1-5e24-b38a-c22fd33a3818", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b7f37b2-ac65-5a80-aa51-cbc7afb2f2bc", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf0fee0a-5c89-51d8-a097-016e0d5f8515", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b1feb16-3e75-55b2-8696-0b77e7abfa07", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:958c1225-5449-5d32-8644-aefc6119d52a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9fc2281-5e68-53bf-a695-4c7d928fc8d7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77f65f7e-7e6f-50f4-8d56-4643e2480e4a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.2" } ] }