{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:358e918d-d789-59d4-8197-276ed4b4fc0e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-instrument", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a6e870f9-4aa2-574a-bfb4-b753bcd945bf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e8da031-6c81-556f-956f-d9b3be8ff53b", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d9e9a74-6311-58a6-9da0-d10479fd809b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e057a854-21da-5003-9505-960654d73774", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:649c1285-c0bd-5ce0-a433-9c9b28c7202c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b820e834-5412-5aa3-b6f2-fbed9e31eb71", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43dd5789-f19d-538c-8b96-0af4ec0eb16c", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ee9260f-c8a4-56c4-aa1e-d767a163beaa", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b02517d1-c51c-5a0a-9052-48e309df465b", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f3f2afa-2ac7-599e-ad92-29745acad6ab", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c1015da-0caa-5b0d-83fc-d0572d074df0", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94733749-7d19-5d22-b78d-9a1564f941ad", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:752a5f31-07b5-565c-b598-a6fb97d3aa07", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a18d354-3c9b-5cc9-be53-441a53c247be", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53cfc937-4b28-5925-8741-fb25671f753c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:250d6645-54d8-559b-befa-1ebd5ea0b95d", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a884a30d-0aca-5eb7-a368-89aacc2194d0", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83548c6b-badd-50d6-b06c-a69129d39c72", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a45e532-4009-5dc8-825b-de582c1cfd1a", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1b75183-c420-534a-a56d-a17b9eae417b", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0197e00-0ba6-5b41-9417-115c73492488", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfed5f29-0c56-527b-b11f-892831616267", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df2dd1bd-88e0-5f79-8465-81fbf2e53109", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cea26536-12cb-525c-982d-f35f24c16b6f", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4546d7ab-0d0e-531f-b484-4f2f6db66253", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc21ba48-04f3-5220-a6f4-4fe4501a0aa0", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07494db9-019f-50eb-9179-ad89fa2ac7fe", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11926ef2-9c97-5845-a45d-66e686566933", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4eba3e7-e826-59ba-a987-76a857226b45", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8b42a4f-9086-5b65-bce2-5edf0c0f93d6", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cf858a8-6bc4-5861-8543-614618f9b44e", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f57e4b24-9198-5de8-bce6-2af7cfe674ff", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5f9fef6-6ead-557b-9cf5-cccddb99ad5e", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04ed66e8-0c30-52f2-8230-753d23524aa2", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66cf7840-9c0b-59ea-81f8-d80d0262337a", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a37d7871-101a-51e9-a490-36ba6286d701", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca1befbd-f214-5c13-870e-0abdfecbe799", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3abc16a8-754b-5f1c-804f-87b9dbc59da6", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4820e6b8-2126-5c9b-9de7-aa4e14284d00", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.25-tuxcare.1 of org.springframework:spring-instrument." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-instrument@5.3.25-tuxcare.1" } ] }