{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:381892cf-12f0-59f3-a0f7-e927a722d787", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:be745c4b-e626-5a95-a2d8-c6daa1ef1ab5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15a3a185-2126-59a9-b7f4-c30cdd117be7", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df057ef9-cbfe-5d6c-950a-42e8cbd52a7b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fed5283c-7291-518d-8939-1333f0cb55f1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3197014f-49a0-5757-bab3-e7e0047cb14b", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6de2630-b034-5fc4-a0fa-172d37e4a051", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:802899ff-d5f1-5a47-a30f-b331b19b9f4c", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19be591c-0c61-5a13-ba09-7b91a60ac203", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0172cdbd-0ebb-5d8b-bf1f-342b251cf3ed", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f3eb816-e88b-5ce5-a6d0-752d5638f7fa", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2629964-c576-5ede-a10c-bbe9da5cfddc", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5f3158d-e79d-505b-ae34-6d502206e25b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12311d61-bbd7-5ade-acc8-cabca51ae2cc", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcd7bab4-f6e6-570b-a34e-1cf7f0d13a2f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0598c457-e232-5fe6-beae-f52d3500ecaa", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67859981-68b2-563f-a61d-a4064ae039d8", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:951765ee-0938-55f0-a89d-0013bb8499bc", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f163149-cfec-5681-a887-53552305e7d2", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:213c039e-f6c0-5f50-a417-241e082ac2b5", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d9f9627-e559-5e12-b273-cc6ca2c522af", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1a6a8da-5db8-5353-913b-bcb8d54d02fc", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77f828e6-a287-5fff-a90a-badb92ddf380", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d5ef78d-5c3b-5ca8-b1e6-3c15e96b62dc", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.1" } ] }