{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d345bfc4-6a2d-54a0-8157-956f8d300dc9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aspects", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0664df13-6f16-56c4-b743-762f8518dc3b", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1a4ab80-e0c5-52f7-81ff-16213ccbf68b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7e8f433-be55-5f2c-83c4-67d8a9dd09a4", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:966683f9-bb42-55ac-9890-e96f72414dca", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f91aea6a-6903-5780-8b50-0a1a41a53174", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e266124-a46c-5c65-b71b-9c79d2b5283c", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:630d186d-f523-5fac-931d-a58211b5d8a7", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1593e0b-b53d-5c66-9175-32e26de54088", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cea7a7a8-a1be-5e39-bb40-f92c9d50f9d4", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:660534cf-6607-5715-8694-44c8fa406eef", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47896001-0aa5-51b8-9fa5-7e9be24f79c0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c0c495d-7948-5ee9-bcfb-9f27e192d968", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a76ff55-c690-5c68-ab9e-2572a7f28ae3", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6feef43e-8c93-5801-9cb7-9b99a86ff6a3", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8167055-4ad0-5218-a2cf-f12bc5fb1c60", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a69b8d0-6e5f-502e-94f1-ffc4075b21e2", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53029a97-8987-5fca-ba0f-056d8a8bdadb", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fecb5c02-c358-516c-ba31-0f7d91e32178", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9febe60d-2fe7-53a9-a74d-2a463374e77a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3214176c-8b00-5a6c-ab06-5b0b2083224c", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82f7a243-32a1-548b-b0ac-93fae078cc97", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04332159-c106-5bc3-bc8d-853f6de5207a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ded4535d-7600-58c4-9cc6-acb3a23dd9ec", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c3d8f5b-c5ad-5e9a-8d01-c18b7494ef27", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cccfe18b-8db5-5a9f-b6f8-3ae7f77e804d", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6621677-4beb-5eb7-a233-1e0f00406d02", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e2f26f6-340d-59d5-84e4-cf53900b8d55", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:749b3a64-c8fc-5cbc-a12f-47b4c6cda4fe", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22a65e67-5df8-5038-a1e1-1236ad396767", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3946578d-e523-5e80-9dd1-d19d5169efc9", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c34708a5-ccdf-5a5d-819d-d5ab08811cc7", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3705842f-8e2a-58b7-8d63-4c280baeae01", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eff39ef8-899f-59eb-9729-805bbd74d790", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dc1971b-51fc-5ecc-80b4-706d4e714438", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461d2f0b-27ca-502a-b68f-4e132149c0fe", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26fd0965-8038-5692-96e9-14f25fc02b25", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96ccaa4c-e8fc-5d51-b234-677dbce26c18", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6181e9c4-c9d9-5354-bedd-4628239a8293", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca53b13-2cba-56f3-81fa-16bbfacf94a6", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:076aeca8-2a0b-5993-ad73-879e6927c63b", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9b70930-4b82-5055-88a4-5ae96a164859", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2016cb1b-631a-5dd8-838b-6b64b1704372", "id": "CVE-2026-41852", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41852 does not affect version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects. not_affected \u2014 Spring Framework 4.1.7.RELEASE is not affected by CVE-2026-41852. The vulnerability requires record-style property accessor support (empty-prefix method lookup), which was introduced in Spring 5.2+ and does not exist in version 4.1.7. While this version lacks void return type validation for getter methods, it cannot invoke arbitrary zero-argument methods as described in the CVE." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c041e4d6-d5c0-5ea9-bc46-2152f6c760ab", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73532ef0-cdf6-5b1a-9fe5-653287f05175", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aspects@4.1.7.RELEASE-tuxcare.2" } ] }