{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e80c80b-47a9-5ab1-b21c-95953de3b9fc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5537134a-5128-5cd1-bdf3-d10ea8e981c1", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd8e5fd4-adf7-58bd-9a4d-17a2ccd56ae9", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bd4a50c-300a-5f9a-a804-30c5dc078eaa", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52888204-22c3-5517-bb55-531fbaa6c74d", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5765747e-a72c-5a8a-b5b6-a2f7ab4e17b1", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5e47056-56de-5546-99f5-843bafaea68f", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b16eab1-9028-5aaf-8a9d-e9fc1644789e", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7991852-2f80-52ec-9890-5444ad7162e9", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f19944cd-3424-50dd-81af-09bde6e0ecc6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:357e2698-7595-52fb-9292-1ae817644260", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16bd712e-fb61-56b9-93c6-02564546b452", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b8acfaf-778c-5296-94c6-228d7321bf11", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc306cbb-e174-5000-a38d-29dc7b1d53ae", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ee0fb93-8167-5d36-9f55-708d8ed37187", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad0cddd4-316a-5627-8d93-0a6182c27e0a", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a6b4443-dafc-50f7-a02a-b9086ba592b9", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5769472-2f01-5399-b914-0f3545c4b6fe", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b36668a-6732-5745-871b-d4400bd11bad", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70fac595-c968-5bea-a3f2-3c38aca26e22", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jms 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6b87423-24e5-5025-a104-e1d217e45076", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fe7fbaf-cb2a-5c70-b7be-eda030addb71", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a28f4e4-82e1-5517-9bc3-c97ffd6933e6", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:263f5c99-3689-5a02-b77c-693a7ab1949a", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8785ddc-50e0-576c-9891-651a4aa36032", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jms 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ea99328-1674-592f-a913-3759ad9ab855", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.2" } ] }