{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3dd32877-ccf3-557a-a7e2-426ca7db66ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c398404-0836-54d6-bda3-9b36085083ec", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7ed7c68-9d30-5a1d-ae41-913368a54936", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cea46951-27a9-51d8-9c2b-8484ee8e0c19", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eca6e574-3c8a-529d-861b-6a7d64f2b680", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61274664-f41a-5eb3-bb6c-3f3882d46439", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3affc2be-2e25-5823-846f-2c5a780b57ec", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7dc0433-1f25-5ffb-85f2-8a04cade6f6a", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:383094c7-f213-5fac-af2b-81546c10c845", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eca1d980-44d0-51be-aeac-deb19a986c58", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cbe0b98-cc8d-5253-94c6-47f24772a18d", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3dc880ff-ffb6-5060-bac6-e7185c41a054", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14e0d8d8-afa3-5804-84f0-c02db2874661", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c320e41b-dc6b-51ce-ab28-91916263f205", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6189329-af35-5cc9-8088-01fcdd462eb4", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b25d8c6-2bbb-5925-bf6a-bcf5e1bb40a5", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26258b6e-f8f3-5a58-9c1a-37b85f320b8a", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad321b3-9a81-5f11-bcdd-c49864ec5cc8", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ad55e0b-e547-5575-b033-d0849e271062", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:faf71624-c371-55a2-99cf-580e9a31bbbf", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:709d9d57-527f-5dbd-8f0d-046b2d7d0566", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d3f04ed-4ae9-5ba4-970a-7c19f8d1cfd6", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df17156c-c9d1-5bc6-8465-9864e1233bd8", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae34f730-890d-58a4-a856-18d499e0636a", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c559d02-1955-52c6-9457-095b8c443a9f", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:def2243e-1df5-5508-ba78-484d40e8d566", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-aop. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:520d7886-a7c5-54e1-b109-0bf32c51388c", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c67c0210-614d-5643-8039-7912577a3809", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aba6ceeb-ad72-59e2-ab10-c3fa10600040", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8e189cb-edb9-57fb-a881-1f27f9560b29", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2122c136-c503-53ec-889e-7e69c21f92fc", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3398cd1-7cd9-5801-b4f8-5b06d756ad5e", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:382ecfd2-6361-5ef8-922c-6904f6f2f789", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9823c02-8e41-55e5-b5ac-cabc30c6e080", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f4cb515-8c3f-5b69-836f-527ca3da24e2", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74d7def8-d47f-529f-b952-d2c50ef451c0", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7be69e0-c35d-5353-a67d-1fcfbc38cc80", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:301c1ed6-ad65-5e35-973a-90feec44af1e", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48097eb8-866e-5f87-abda-c2f8f8e75db0", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c5ac6b8-9642-5026-9411-a7a814069107", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@5.3.24-tuxcare.3" } ] }