{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:114b83ac-94fc-53c8-b719-5a92500ba4bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:62aa1a58-2a1d-5539-abb7-033fee8085a0", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f783a1b-a301-55dc-a6c9-6877c0b9741c", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fada6fa-4380-5acf-8352-12adc7466cce", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e5767df-5249-58ec-b288-19e39e0d2d6e", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dfda160-04fd-5bac-a82a-5b3a91b9222f", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd5662f2-76d8-5260-b2b6-b57ea01bab2b", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f9fa4f6-6b08-5b31-b7be-aa86c877b922", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55975927-540f-5fee-ad75-ee05d8fdfcea", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bc1e164-4348-5ef3-b5b6-61d5d147d783", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7924f54e-2823-5856-a9ec-3810ac54d5bc", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d5cc2e1-3c72-5b34-a9aa-9542585b5e8d", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c254319a-31ae-59ed-a59f-729bcc96a314", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79868d4d-953f-5eb5-bde0-5ac5f9c6162c", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ce005f8-2163-56ab-819e-2efc3e33c11b", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c659fa0e-ceaa-5698-989e-d410ed11e3b5", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e03fd14-f0a1-5805-9c98-dfe8c6997143", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:804ad591-838e-5142-9c0b-b5db5ffca49b", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22cdadf2-d27d-5d51-add6-a0efea9b09a5", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a147ab84-328b-5b20-9257-fd5c7f2e3fe1", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:722a6449-2d53-5e40-9e80-2a7155ee14fe", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eec99016-1563-577c-844f-1edcd0f3e4f1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f93413e3-f9d2-54c7-8110-78c2779495eb", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-aop 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:423e432e-bafd-5f0b-8721-d5625622fb03", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdffc7b9-eca8-53e4-9601-041d2fce25f3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b286ddb6-8285-5757-8918-b12900612174", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6eb3ac55-c43b-53f6-8178-11446b97c573", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8347b05a-55b8-54a6-9857-f670fa57332b", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.1" } ] }