{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24094462-a53c-566e-bece-35e7ad6fe26b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b7d3cff6-557d-5e3f-ae0d-3f8629693cfc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ead7645-6a77-5f6a-8af9-c445ae750f6a", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4550be54-a77d-53a7-a778-1f7a11f04a82", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:048de8ab-76ac-536d-a2a6-f68b3a28da4c", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b36f5d4e-ce69-589c-8b52-2604a8f8e23d", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67727253-c4aa-5846-b8ad-77040a6bd6bb", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7c4eae1-d669-5f43-b77a-bde965e66927", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a33e3c02-6720-5094-b338-46c00f7b3a21", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b0d2562-f845-51ee-b322-03f1484fee03", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1986cc38-8959-5c57-9dbc-117466125050", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73fb61a9-e035-59a2-abdf-6ee068f77266", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bb7bdc0-9655-575d-82b1-8822f129cb0f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aefde605-373b-561a-9500-eb777ec4bf7f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a18a5475-6cab-586d-b172-301a8140ebf3", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7943e63d-1904-51f8-ab67-a496220f9cfc", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae265d08-e911-5fa6-b156-74de803e3048", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f2202d4-def4-5158-943a-b0a4e214b738", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:762ef8ad-13de-5699-8942-29cad7fecb64", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:906c1937-4430-5d86-85f4-8b2c0863a36b", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a74d7221-328c-5b76-b38e-7142d9eebda1", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54c4e1c3-a48c-5fcd-871a-6aeaf7e7917a", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edaa4caa-0edb-59b5-8bcb-6f0d534b9292", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d60d77cf-f53a-50aa-bedf-4a807ecb96c4", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aad483f-afd8-59f7-aa28-66096742a061", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aff8f05-e252-5431-bf70-580353d0baef", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.2" } ] }