{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2d8db8c8-a922-5d8a-81a0-1b2261635bdf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2c7911a6-1224-5ef3-b808-1e8828d5e5f3", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a639c18b-2da1-5b62-b5d4-22c4efa95b48", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16ddee89-87f0-5d05-a9d4-6b3da265bc6b", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69b29950-d322-54f1-9588-044f70c26059", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1633f59-2797-57f6-83e6-f5372632e379", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4d546b1-8aaa-5698-abf6-b4d6d34add7c", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:910368e9-8e4c-5280-a9cf-b344b2ab441a", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d54817e-dee9-5f03-9790-d6ee10056ed0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecd79f59-8030-5464-b719-7797bcfa5660", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aaf7d3f3-a8bd-5759-a99a-63a1b7c9f59f", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:356e3bca-b6de-5e02-8aae-37eca085eb9a", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a57de931-c703-52c5-a36f-be6e91c1726d", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75c8749b-a519-56ac-aa44-db357117b823", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:165d274a-2731-5037-a745-bd9cf6c92d17", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eadf1483-bfd0-5c7b-9dc6-9157073e5d21", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c53f8228-8bf1-519a-a72a-b6c424941d60", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:556fd8a8-3b54-59b0-9a6a-2fcd088db494", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba3ff4ab-8c99-5cfd-ba53-9be743e8123e", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63baf543-fb49-5f9c-b09f-b068df5fc269", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5bea66a-dbfc-593a-b7e6-fd3310ce5f5b", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5176eba8-010b-53ff-a1c7-50ca14057d42", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8a110e1-2283-5889-aa9a-0debc03a45bb", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62522656-f678-5db6-a5ee-91ec113c6da6", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f20830f3-4143-56f6-9c00-e02248d4cc01", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-aop 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb46f569-d6f0-5612-9832-0bbf910377ef", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.0.RELEASE-tuxcare.3" } ] }