{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a27de1ce-2b84-5978-836f-c2b9e4c759a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-aspects", "version": "5.3.31-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:29e4cf88-9f46-54c4-a3f2-334de7eeac84", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df5ae89e-73f9-5c33-a221-9ac0ea08df65", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c335a5d-4bf8-595f-8df1-a82856f982d0", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5413fd42-cfd9-5d70-9dd7-e33264e031e2", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0adc943-0685-5752-a460-83b1dbce615d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c52d8e12-71b8-55af-855d-fcc03540cc50", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ce7c10c7-ed6b-5307-843a-0d063a105ff3", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6f3cd62-2706-51ac-9318-de25647806d9", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c5a1e11-a335-5812-9389-516916ae1be5", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:176534e9-1c1d-53c1-9a61-043b97332ca9", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94366753-8410-574c-8133-9040bea5a590", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3e70643-edda-5d2c-8e41-3400ee85ac0d", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-aspects 5.3.31-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2e3bce3-c7f4-5e32-a7d5-922ff9c60870", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b9aa8ff-4f63-5bd6-be4f-5e1505d6b800", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6ad0804-f44a-5b43-b1f0-20d781dca93c", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d79cf72-7bd9-5c53-9c40-4e04a20ef8be", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f9f82a2-db10-586e-92d6-b089489b4c64", "id": "CVE-2026-22737", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22737 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c57e3a13-bdc4-5bb5-ae53-6d4fb49fb573", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5244b07-48da-5362-95c3-ea867342e5ff", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9fc7f965-40de-564e-b118-dcf863f400ad", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c44eb61-ded3-55b2-93e1-a3134896ee2b", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d2a00d9-d200-56d6-9659-cc7461e1c853", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1fe3614-7278-5e16-b9e2-191d66b55b3d", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.31-tuxcare.5 of org.springframework:spring-aspects. already_fixed \u2014 The target repository (Spring Framework 5.3.31-tuxcare.3) already contains the complete fix for CVE-2026-41840. Both required doOnDiscard handlers were applied via commit 615477c88f (labeled as CVE-2026-22740 backport) merged on May 4, 2026. The code changes are byte-for-byte identical to the upstream patches." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:799f8009-d96e-5204-b668-65087a1a1f27", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1265cd11-8b01-5f2a-8507-32a4c66be723", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9181ffb1-a21d-5d0a-a071-55e9988957f8", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e5a2b44-f5e6-5524-bf6c-66563c933cca", "id": "CVE-2026-41844", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41844 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74ec3478-b163-5a14-88db-d73a2d861bb7", "id": "CVE-2026-41845", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41845 is fixed in version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e11ebd9d-de49-5517-a8c7-cc5ba737e016", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f7cf98f-3f24-53b3-b0c9-6b821575232c", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d0681d6-5322-58a4-94c3-36be234bc0a9", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2040c713-ca76-5862-ab4f-58b4a4801eb8", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bb61ffc-c0a2-51b8-9bc3-9c02250b2144", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61854a9a-a0b1-577a-add9-dcc0d39dd0b8", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37028d91-cfd2-5790-9f4d-a66b3024e85b", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d8f4ddc-0e0f-5c92-b238-c5f16989502c", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6de4ebb9-d28d-562e-aeb3-70159c3ee579", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.31-tuxcare.5 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.3.31-tuxcare.5" } ] }