{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2b6a3dd9-73c8-584f-bbf1-3ad1270f2124", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.39.tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f9ecc985-3fdc-558c-9dd6-bf4dd68d747d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:268d2649-2c63-56ab-936b-db0682a4767e", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:849af310-6921-597d-bc76-0b15c6da3983", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1451a3c1-335f-5576-8070-55746a7c5454", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd5bf08f-15c6-5674-84bd-5e840418c1bc", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cdde7ab-0ec9-5e67-9222-bede1dc119ba", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95e80a41-4946-59e1-b750-5a51467cce4f", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.39.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e14b590-4e3a-5ec4-95ef-00e3d972bf27", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:757584f3-2cbb-5323-affb-61570225e076", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:135244a6-f875-5927-bb39-ff08d4aa9661", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8db892e9-a1e3-5b10-96c9-7c4cf14258a4", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2aba865-1a69-5027-b212-ce1ed79aae45", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.1" } ] }