{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:215f5a52-61fa-5fac-8fd4-87ace02fd8c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-aspects", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0f8858e9-ae49-53a1-816b-d85cb3a15024", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68a768c0-1b92-5d6b-ae12-1026ec51bf76", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:833bb5d4-926f-53f3-84dd-40f6f5273a67", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71645773-a50e-52d0-8adf-1a1a9c4ff65c", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f77c7cc3-ba4f-568d-b70b-ab7cc39e63d1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38bcfe69-138c-5f45-9631-85d69b63722f", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40a5089b-caac-5dc4-96b1-e160723160ea", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd5d3f1d-60a5-5851-a335-11d55c6bb366", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e762f147-000e-5361-bcb1-2b969eabcf28", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ca31c01-7ed8-51ae-a046-3cba4dc1b22c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b53d8362-3d91-5c9e-bdbf-92b7288d2f4c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41bee951-4b09-5d27-b621-60458e768d56", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47f9f801-80c5-52d0-85ea-9719db50b5c0", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0f5d31f-d9df-5e78-9b57-fbc0b4522d11", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d102da3-89d1-574a-8562-d1c76a582903", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09d96018-526a-5088-a0bd-46b7bc4ed27e", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaf02527-5679-5035-8898-e2fa76fbdfa2", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-aspects 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27074bf6-d674-5f3a-87d1-dace2336a5fb", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19b24cc4-9607-58a1-bdf6-fc0cc642d9cc", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68df193f-5246-5b8e-90d4-6fcb89ad4a71", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a9e5c67-5251-56c1-b7b3-87299b201a1e", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8791f74-e3f4-56b2-bece-faeaf480e1be", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e0bf7c8-e5a2-55a0-8f58-85310489ede2", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaa82fcc-91d3-5501-ba85-29ff36923ca0", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca15d2ab-52d2-5749-8900-a4a00db3be47", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddcd883f-2232-522f-9d61-23f89299f746", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ca3c858-f9b3-55f3-a28f-c77ba8184f22", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a5eaa3a-57ce-5c0b-a0fc-e1b75eb0ba5e", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8648bdb-128c-5898-98a5-0ddbd16c9b2d", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb3f9754-54d8-58f7-a1ac-74d5218da86a", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a399412-7a82-5f5d-bb30-0816c464e5f8", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7b5ee45-7ab3-5760-8f26-70fde21254a8", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c95c5565-52d7-5880-8374-3e86a5948ed9", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48788270-9409-5a89-bc34-8860f8f02442", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7ec4c44-8248-5ad2-84c2-567e882e6b27", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dbe8d33-049e-5522-bddc-7a11aefc78ad", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b938e25e-06c4-57f1-a5f8-e73c102c1e9a", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ffafc78-fe97-5419-b6b1-fbd42671ab3f", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:361a1751-07b6-5798-a9c0-6753dce5e279", "id": "CVE-2026-41847", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41847 does not affect version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects. not_affected \u2014 Spring Framework version 5.1.5.RELEASE-tuxcare.2 is NOT affected by CVE-2026-41847. The vulnerability exists in the Kotlin Router DSL filter function, which does not exist in version 5.1.5. The filter function was introduced in version 5.2.17+ (September 2021), after this version was released." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a721638-a8b4-51f2-ab0b-19e26e62bfb0", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d98e4abb-ddca-576d-8373-c6982738583e", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a0e09f9-85ab-5839-8f54-832e02faf086", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75aa1f9b-4ba7-5c5d-b824-84d1bf812558", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d3bfa2c-08ad-5237-857c-961d0174a0b7", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a332aeb-238d-5426-a75c-01e93d869f14", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90d0ffcb-7eb5-54ba-8d91-a978e579e78e", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-aspects." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-aspects@5.1.5.RELEASE-tuxcare.2" } ] }