{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ec68013d-7146-5102-83d0-2d101ec18a91", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "4.1.7.RELEASE-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aed0437b-6bfe-50c4-9744-212244ed5c21", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1a0eb12-a4f9-5125-962f-582603a721dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68f4f9ac-22ec-512e-8fb3-6fb3cc38b504", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f732623-e2de-516e-bb85-41062811a65f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97ba3733-0441-5396-a6fe-cf0853aba6bf", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25052a0b-35ce-5f6c-b7db-db38d7882522", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1e56313-02d4-5335-ac06-eb5960668258", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e9f7186-03eb-5a03-85bf-d94050428d83", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc089024-3f6c-57a5-b2e6-1932d45366e9", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc008d16-b0b6-5cf1-b999-888ef6b60e15", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74233491-0924-5e3b-a73c-0d5797a87c4b", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76f87664-4776-5e77-a005-fff539c4546b", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b8b50d4-23b7-5fb5-b734-bff554e1de84", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3687946a-a6d9-5003-9a71-4191a8351600", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64324e0d-11fd-54f1-8bce-2bd309fe4be3", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dc8474b-a4f6-5390-b09c-8b840462b716", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49dec5ff-8ace-530a-a35f-9ff11ad4a3f9", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:376e2d9b-bdad-54b5-a1db-e79022ea6ced", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31f964e1-a41f-5d7a-b368-b53b2761ac9b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d364240e-efde-5581-b7d9-ee5f6cbbeb2a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aaf3d966-bf30-5afd-8f5a-05f066997556", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b33eef6-2338-542d-98fb-d904e21637de", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c2a41bd-de2b-5264-a75d-3b780bf07764", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06b96683-c7ae-5d8e-97e5-fa03dd15d28d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5685f83-83e2-58b2-ade5-dc18aca7cb85", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e801caaa-5c29-517e-a3b8-14591219d7b4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cafb924c-3996-5eab-809e-ae9b1966c6e4", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ff44ddc-6753-5832-9559-5e0c17c647f1", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56410008-d3cf-50a5-ae0e-9b11aa42ed20", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e25e2cb5-9c32-506f-988f-b18c5f3a0634", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.4 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@4.1.7.RELEASE-tuxcare.4" } ] }