{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a012ad13-fc28-57c4-8d11-55de3dc57b9b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a73fe239-e2ce-51dc-9fdf-faf6ac497ecf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc182464-2324-52e6-8896-b9f63651112d", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d4447c0-4c9b-5376-8a9b-4b53c2f8d19f", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7072f50a-4980-5467-9c68-5b1168ed40c4", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0111a8e1-b642-5aea-bbd6-507014e7bc1c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7469180-de4c-5fb7-84d1-c735feaca737", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2614b3dd-b2aa-59da-93c2-dfa9d9113ea4", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44bbd7bb-75f8-59f3-a385-9c67a8891e16", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e89759d5-f08f-5472-ad07-15f1618154c8", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c2abdaf-ddbd-598b-b467-97a9195bd8c0", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2579b35-a885-5a3c-95bc-2c3e1c1f54a6", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0215ac23-020a-571c-8992-55262319ab64", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60510341-53f4-5145-bc25-3d05822b5fe8", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc86f292-c170-5f05-8532-870670323955", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd782183-7c04-59dc-a598-2459f9465282", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0d2c118-c7bf-5b3c-8c95-84dd5b1851f7", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec7b6c71-d13b-5cfb-8b05-a62380a94163", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1ee01b8-eccb-59d5-9c8f-acbbd4e0bf2f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12d82eb0-4d45-53ad-b243-0e357d00bc4c", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2351cecc-9d31-5e1e-af04-334e519503e4", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60d9ce2a-192f-5c7f-a08f-03b9034c4bc6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b28c3b54-cb2b-5cf6-9521-f0506323be1a", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-aop 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c30e07b9-7cba-55e3-b574-f8e45931a444", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32f6b3bd-532f-535a-9b5d-ba25dc7e86a9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87ec3015-e030-5a02-91dc-c64ac620fb33", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3ed4f62-d41a-5c21-b1f2-cb5aebdc1a42", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc0745e6-a041-5c76-8fc1-bb411c08aacd", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.7-tuxcare.2" } ] }