{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6696fa43-3d39-5f58-a280-2ee1db0d2942", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aop", "version": "6.1.20-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a6f7c49b-826d-58d4-8ce4-0274ed8e5955", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6948b152-6467-5d00-85f2-15d9eb452c7c", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93fff50f-7821-5848-9ec6-87cb8895feba", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dc2a2dc-7cb9-5039-ab54-f84ad923a938", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2cee42e-40dc-52f4-ab69-bf172fa2264e", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e59c28e7-6ee9-5951-afd9-455c6925634d", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e65f86c-fa5a-54d7-9ea0-e1773c20fed2", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:186db353-e709-5dcd-b2da-a52abe57a523", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e9161f6-8d71-587b-9c66-4ca08d1a5c49", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4882b0f1-06c0-5f53-856c-8f981d9d99c7", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.1.20-tuxcare.2 of org.springframework:spring-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aop@6.1.20-tuxcare.2" } ] }