{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:41cb2ccd-b2a5-5900-8d03-676da6320049", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5790cddb-29f4-59be-978f-e7e0105a85b8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a63f1af-646b-5a58-9a64-a51889fc0ebb", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b8adc53-ac86-5103-acad-de2c81891686", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da5865ce-9025-5dc9-b64b-8fdcce024fce", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:519cb1f0-3d34-5f87-84a7-c08ea22e8e81", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c839949-c687-5351-bc3f-d8ee22955197", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1038b2d9-0f2f-55c9-879c-32103ac19f2a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf41d807-ec4b-59de-a7da-410bb1319ec3", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98f7f925-3542-58e3-85e0-286dc7144ba3", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f823ab09-ae73-5169-9816-994a54e5c5d1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2acf34a2-948e-5cf1-a67b-7f88c757840c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c81428a9-1c7e-571c-bebc-74c7987ba672", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8dffeb91-cb69-5367-b8ae-b9c44568f783", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cb90cfe-1851-582f-a944-97bf798c4e29", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4aadb15-4dbe-56fb-ac3e-ede217fc9d92", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afd5d11d-4279-552b-a7a7-e2a029ecf411", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48f70467-8aa2-5b56-92aa-7ad3dd7c8c9f", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-aop 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac5f6998-814b-5cfd-a555-1044883315a4", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17906584-c7a3-57c1-a4c6-b3abaf0da7e1", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9ff1f70-f48d-5f9a-8680-2a43b1ce622f", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ab918bc-f35a-5866-975d-bb2b0939582f", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c4b23b5-ff47-5408-9ca2-ae0e55965957", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77132449-bad0-5981-850e-5f1fdc8bc60d", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb6f1803-6f53-5d9b-ab1a-80bea18c05d7", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fa00129-4782-5bc7-ad5a-9923dbe8be03", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffa5a977-4825-569f-9e20-a72585b5d1b7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5f32219-ea31-5d7d-9052-055c88c09b4c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d75dd807-008c-52cf-a296-eecfb4331d13", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:344c2001-31f5-559e-89ca-30057b5c2028", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.1.5.RELEASE-tuxcare.2" } ] }