{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1d2009d5-7d25-5d22-977a-30ff960257a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f35993a0-49bd-532f-a72d-c62a04384987", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c347860-0f85-5771-8752-ac469472fd4c", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60cd4855-2cd0-5406-84dd-c23566ff4b5b", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9250797-be2b-5ed8-b054-fd9fc745fbb3", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20dda62c-d9e6-580b-a96b-9b9da020f518", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b67c754-b3b5-52b1-9bb1-0c3870554bb7", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6e28fdc-8cb6-5333-97bf-1611a0f036da", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3ba3c10-9c0d-5f4f-b0b9-497f3e157e48", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65be537e-98a5-572d-9dae-1711292302fb", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:085256fc-3db5-57a4-89f3-d9a7ec5f02b2", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bfcea68-4dce-5003-8378-a6d1a740b41f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b30f8ce-e373-5354-9264-69011124fa5d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3eab8e68-3ea3-51c8-8c48-326f4372d4ad", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aa3fe29-1429-5748-9ece-fbd58dc347d3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa092ea5-5f5e-59d8-bcb5-d135ef3f27ee", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1cea4da-0878-59aa-b367-4a403b20f2cb", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c87c75c-06b1-577a-af87-1ca1651122ec", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6a2957d-9262-520e-8308-14bd023bcf96", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5e98822-09b2-5cec-a339-c832cfbdd364", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-instrument 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fed8f044-7b5b-57ea-bcdd-982800ee09d6", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3a0d6da-ee8d-5f75-93fd-4d95b99540ba", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04533d9b-538d-5abf-8722-2a030804c963", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e0858d5-9d9f-570e-9e45-6a3ae432c981", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4eda7b6d-ec67-5808-82ad-1fca62d293ce", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-instrument 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b325a5f1-8ac5-52d1-b03b-5e11ffe3dc54", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9c661bf-9a1b-5c9a-af7f-2f79f1cf8535", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e4d8fa8-53f6-5d0f-8c29-609508a91b26", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5ffe2c1-2911-595e-b2b1-5c7064d20d45", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a0a9679-b5c3-5d58-ab12-666b1a62c487", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfe8829d-277f-5298-a4c5-1d960d102b8d", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2018329b-0500-5953-b517-4a7f8b6b908b", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fefcb510-80d5-5b5b-b178-362eca65869d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca50f1fe-1445-5731-a059-bff5389266b5", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19fcd3ab-e2d2-5470-9839-3744ec927827", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:473dd6f4-00ca-5a94-80cc-433592bd76c1", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80d0ebd0-30fb-530c-a985-043d155f22a9", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aee72fe3-fe47-54fa-9bee-ecaf4de0d5bb", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c61b8741-40f9-556d-9bd0-a81c273dd83d", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80a4fc9d-2434-5b44-b749-0f5077acaab2", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:299790de-c55d-5311-8ffe-fd53e932129b", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:517c5bdd-a9a9-5caf-a3a6-fd73ad971247", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:348f74c1-3858-5fc2-8fa9-eb6bb227bfb4", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad5f836a-5a5c-5c55-851e-24d68e4d6b81", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9959cd6e-339b-5e19-9250-4e0648daf897", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:668943f4-3f2b-52f8-9a05-871a59855dec", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.2.0.RELEASE-tuxcare.1" } ] }