{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:077d3ffc-ae4e-5029-8c84-1e0b67a1ed30", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.39-tuxcare.7", "purl": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7738c744-e4e8-59d8-8872-873ff479e04c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09a0d833-0ef4-50d7-bae3-60948a0ec922", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f913906a-8e2d-59d4-a08a-806ea4a966d3", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d240f1d3-bffa-5324-acd9-8205e270a333", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:156db124-181d-5c69-bae9-66d27b0e41fd", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:344c4341-82c1-59bb-b3fb-baf9f37feae1", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dbc25693-8b30-5ec3-9e81-e8176bf5b744", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.39-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b436dea-6ae8-5ac2-8565-c4a8dfbb245d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:68cda0bf-0860-5295-9abb-e459818a35c4", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f74a1600-0fc5-5e15-a355-6bdc2af42d1f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:da1a14c2-1df2-5c38-a209-f63307d4cc10", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:be2f0d5e-eb50-5535-a5e3-bf31ed9237f4", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39-tuxcare.7 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39-tuxcare.7" } ] }