{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:85045af1-48cc-5a01-b371-8f992a2ba956", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument-tomcat", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1ca5ad03-cbb1-5dff-a1b3-212539fb44a3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfd76681-be9f-5b9e-8270-03f8c1e4f22c", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c11ead7-15a7-53c1-8345-4822ea0f077d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25d28f4c-741a-5fb0-b6d7-d8d8bc9fd909", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b630deb9-5c5b-596f-aabb-2b5dda719cdd", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dad14043-ef92-5d63-bf9c-d7a910a829e3", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cbefe13-9052-5cab-90fe-5609eb3718f3", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b9df8e7-f0c2-55d3-a29c-7ef6a18c80fb", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10d3ddaa-98bd-5621-bea3-e4e4ce91dafd", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83d98dd4-6b6a-59d1-be78-dcc539729e69", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e99986d3-2567-5ddd-8a07-ecc2059c50a0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:700c6fde-0a15-5289-afd8-16204bf5892c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97240b62-3ca7-51bb-aa22-d7ae13535873", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7944fec8-ea19-5168-9c3d-06a36e4e3005", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56d06ecd-06bd-5fad-8034-6deb060e3dec", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55de86a4-4cbc-53f5-b991-0e4936fd2046", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdf477e1-0ca6-59bb-82e9-838284d3733f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96481c0c-7fbb-5bef-acff-ce2034635186", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b6b427b-acea-5ace-8673-ae6314cd3674", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c3a772c-1671-551e-96f7-e9a39562690f", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e650bef5-e1ff-5010-b65e-3d4597b36d32", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f21d76f-e307-5835-8c60-fff727775827", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a944f9c7-95fd-5c7b-ab52-6b6c05e5497d", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a5d4462-3b68-5139-b915-e6832e053cb1", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b13ded3-7e5b-57a6-8d5d-227c41f30c11", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57348c3c-3ceb-5763-aca3-4a5e17338962", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78bc5b44-f290-59ab-ac85-3168d739984f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a525c3a-638b-540a-8a27-e58314a9d5bb", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:674a5889-2492-5b03-b873-0f186757a910", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25fa9461-cecb-5d93-a496-8501e65f56c7", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65ee5a43-a6c0-5bc5-ba7b-649260c93ad2", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aaa0550-dc93-5502-8bff-2f3860a2aa50", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa1c74b8-a625-5e95-8c7a-37bbbb452d41", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5531622-c8e4-5f8f-8b6a-97b445ab0784", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53d8149a-681c-5359-9b27-a170eca3b459", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66aeeb33-9ab6-5944-b256-3d46bc044b7b", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6e3a3ec-eaaf-5bbc-98b1-4216e01a63ce", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:713aa627-0b37-581a-968a-f8732edddabc", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fd830e9-9d5f-59f9-becc-c5b3c6d261d3", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00d66eda-6e00-5f1f-b600-ae32887259fd", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8344f458-af15-5a98-a78a-823f11978a33", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:532830c1-110d-58ea-9ccc-fe3f16f5c072", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-instrument-tomcat." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument-tomcat@4.2.9.RELEASE-tuxcare.1" } ] }