{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5cdcaf3-b6a1-599e-82a4-3ef75069ef57", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:af9e3a1b-46b3-5807-9141-b11a27415c0a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a67351b8-8592-5520-80c5-4a8ceb8d31c4", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c63daa2-2320-5b78-9d91-eb415b59d197", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:917570e2-7c59-5883-a359-b5d216ce8f81", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a92ba370-886f-5c5d-a611-f0b56c487efc", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb5e63a4-859b-5c03-b2fb-a6755db21ae9", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e2ea24d-b326-5d03-bc38-55731b4a7cd2", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c6964fe-ce91-5db9-8f64-534ab065b893", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa38a566-b638-53a9-b2e8-66a05e93a035", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58accbc9-7508-5314-8d7a-b9a12c5a02e6", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe89cde1-9eda-5677-b7a7-c4ff3515f731", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe0d6eb4-6452-59cf-94b8-a0f757cca720", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e65330cc-62ed-5f9d-a8bb-aa77220fb2f5", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d1bdd88-69b4-545e-b39f-93104d708974", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50cb9b07-ed62-518b-9cc9-b681f5285dde", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9fb213c-e624-5eff-abb4-7beaeb865078", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c3c3413-1584-548f-8857-393d300d146b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e215c393-3373-53c6-9cbd-f9754053be58", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa6950f1-03ba-5104-bc68-bd09f7e23b65", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:387aa90c-23d0-56d0-9e65-d21d29f8857c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bed20d8-d0b8-526c-8494-43b81d56de84", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:072190d2-bcec-5695-833f-868aa585998f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f07bdc5-b714-5da0-bacc-d53d937a9593", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:049f37b5-a193-5276-9493-310e13dc0ea2", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:132d2abe-3f66-52ac-95a8-92efc46a5141", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.1" } ] }