{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:cbccbdf7-e3d4-509f-adde-6cd946fc1cbe",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-jms",
      "version": "5.3.39.tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:eed3af06-e079-5b57-bd9b-74494c6e41ae",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1d9600d8-3cac-55aa-a93a-db6756dfb767",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cedc53bf-75a1-5337-9bee-652c16e124be",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6234d69a-0de7-532f-b44d-06678d04f297",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38820 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0f890d07-492d-52c1-8a6b-dafd23b54fae",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38828 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:833b740f-f084-5faa-ac40-9ffce0eab263",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-22233 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7f17ae7a-6f7f-5ba9-a4d4-3d41dd13b20b",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.39.tuxcare.3."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e4af2628-8000-59ee-84b5-fecb409fd431",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a5c52abe-299a-5717-aa29-1513a5239510",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a851bab4-f7eb-594e-b414-1ab350412df7",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6d0f0e5a-74c9-5c3b-bcc9-01f681155410",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:affbdb18-6eac-57db-b218-a5e20caa08d7",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.3 of org.springframework:spring-jms."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.3"
    }
  ]
}