{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3c8bc64e-40a1-515b-8e03-63733836e37b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2709e362-a12f-5b31-8c27-ec4fb7c15808", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:969c121c-767f-50b8-8803-19db5cbc3d82", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0c49a2e-9ba4-5d35-86e5-fdc7ac1579ed", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:335f115b-0a2e-5edb-aa5e-0fdd904718f6", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd38f0a7-4f18-5937-9daa-d1a8355d1fc2", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29f3f8db-b295-5da9-a8fd-9c5f8ed3c6e4", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3d67cac-672a-5f06-9143-4af1763451ab", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6cdc13a-1ae2-54a3-82e2-6d1e3cdf8585", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efe86a78-e597-5b55-ab63-9671647c3830", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2031384d-8c86-5342-b844-228a0dbbbf93", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfada3c4-628c-50c9-bd10-0417774a16cb", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a990d22-5543-57c4-b5ee-5d049d278ebf", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d25d0f0-054c-5ce5-95a6-521f94bad4fd", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc4e169d-e61a-5a6a-a524-4f6cb9449c75", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71fdeb61-a4a5-51a0-a049-09684e2603e4", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3095ba5-ec90-503f-9ab5-3927383d7c3f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec452a36-9def-5b66-9ab6-128e6329913d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:295e2739-00cc-56f6-94a3-c74168349c3e", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:daf7d8e2-5cc2-55c7-b968-ebff8bc8bc0c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf5aef27-a2f5-55d2-8040-4b3f98bc5fbe", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df4f2085-9753-5080-b635-22e8bba736b6", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1589d6d-1a71-55ee-ae33-f9745e705e2e", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d287afd0-0e63-566c-8049-fd535db628bc", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7e57936-8fbd-54f1-95cc-4262a35c2cfd", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2b992ec-76e7-5c3c-815f-62d866608983", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6845fd6-4159-5f3d-b105-9dd68e73892e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fbb0610-5046-5c72-ab4e-b945b7e35b96", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13e5b038-9481-5d8d-8c6e-7da0744fd6fa", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@4.2.9.RELEASE-tuxcare.2" } ] }