{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9f03736f-232c-53ba-a578-6427c5af8047", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a0e0e95c-f787-54fc-9eae-441cbd1eec2f", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e91ee19f-1388-5ac6-a496-24de3cf562c5", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bb60602-ccde-5fda-8176-14a1db3f9a81", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:227c5786-f92f-54f9-9e21-5d57f2483fd9", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9520dbbe-8742-5ed8-bfbe-1de5423b09d7", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99c5bd26-9422-5e95-b593-c346aa4125f8", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c06cfbe8-210c-5e90-bd6c-9a9470a7ea86", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f116c11c-da90-5d98-b3f3-7a24db26217a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92785334-8448-51f1-bd8d-c5467d24207f", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84b6711e-97a2-5724-8be2-d133a1240984", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b36d9ba0-dd54-5ad0-aebb-c2b139c1cc1f", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12f24b1f-4319-522f-9253-8e5864f2a873", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80197767-1eed-5fca-a3c6-27b339abe18a", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@6.0.23-tuxcare.3" } ] }