{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7c19867d-097c-5cba-899b-b8d9e3593ef0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cfa6b146-e65c-5e44-90cd-f8ac21b9098a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a74159b-a3d0-55f8-96f1-2691e1e7c2d7", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6833edcd-b3c7-5cac-9b6a-2db84bb97e84", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9505430-fcd9-5dd5-bd26-d650fdc828fc", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf7c55b3-04db-5a10-b506-037d086de1bc", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72a0e9a8-ab41-57d8-a98d-5d0b148e9ae1", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34ee3af3-f056-55f6-b073-4a13b323b94c", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d6fdb76-f945-5b6d-ad45-17ac1401fff9", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9da720e6-4d9f-53f5-bccc-0f968edeeac2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eba42ca5-f41e-5295-829d-c03cff1f90e6", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b42b56b0-364a-5329-8aef-7ed80329c487", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a661e6f-67a2-5235-9eb1-08d3db9a1336", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddc0983d-e4c3-51e5-8224-282239393e30", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:019d9ca2-ceff-5f82-877c-5d7288f46d6d", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44cf12b2-9641-535d-8de3-89cb5d36af10", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea24e859-1aa2-5912-b059-86688323217c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b49609a-abf2-5821-89d1-42bce728a76f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:580471f5-02eb-5794-9fed-1156bf817826", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffe108f8-6950-56fc-8807-a6f6c1e39076", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jms 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c20faf08-27e4-5507-a8b2-d8c3e5b95fb9", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bb91872-6671-5f82-81d9-12e23dec5715", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c586c7ce-7bc1-5005-8dd5-6bb9df094889", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a3c698c-b66c-5de0-a487-02db8df71edc", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f844c706-34e3-5986-bd0c-014dbc39e94c", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-jms 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:066c40b6-83e5-5ed2-a734-ef7414c2127f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.2.0.RELEASE-tuxcare.3" } ] }