{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:05f5d771-9d49-52da-87ee-e9088bcd425d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.2.13.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:336019ad-bb82-569e-b787-7adae275f7ff", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eba5dfa8-1601-5b5a-899a-bb3f469a0d1f", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8ef502e-4b46-5ed9-b501-620c088a867d", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dfd0105-62e3-5d1b-86b7-915f8e8ddbc4", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a273a71-9053-53d6-bcd1-0cb56109331b", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0adf8544-8029-57af-994d-d20ce731eb3d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71f00d29-02a5-5391-b759-a996a141b87e", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3c3d7d4-cae5-53dc-a198-b0ad10f4d32f", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0422faea-cf1a-5f97-b513-086a76460824", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1b3ffb7-d049-5069-b026-818123413117", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de724b8c-4377-56ef-9da4-bb0571af00f9", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9868ced9-6bcf-58da-8bc1-348f744e87de", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b91b355-01dd-59cf-b6d7-f8d109c06259", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c433114e-179b-543c-8e51-90d995f7a421", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a4d9415-ee6d-5fda-86db-53bd795f6f0f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9dae4af-2542-57c0-a7ec-f1ed10b7cc40", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4b6dba9-4663-577a-8a71-feec434da83a", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:641c3da5-83ab-5026-a874-fd446f429e4a", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4065abf0-3f93-5e4c-8979-1917d2654174", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad83d201-ef95-58ad-abca-44c333f1e5a9", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb4c1a3f-f952-5788-b47e-c3884f73cc7d", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e866192d-ef0d-5e69-87c7-62f682434928", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67cbdcd2-d7e9-5057-94b2-d21995cb257e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.2.13.RELEASE-tuxcare.2" } ] }