{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6b1d62c0-d583-59a2-82f3-d5e4e4206670", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.39.tuxcare.5", "purl": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2d9d2199-991f-5954-9faa-f082716a1b50", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b94ef31a-2daf-5c35-9b3d-4069b8a56aff", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a830d16-c562-5988-b71e-ed5331122e2c", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a8ddadd-1fbd-5c13-86af-668e1b4a4b37", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cb60d55-518a-516b-ae8a-c4cf71f4810e", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e27e890-3e11-5c45-ad3d-fb53a486d757", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20635d6d-65fe-50f2-964a-67de33ef5928", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.39.tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:978aa5c9-3883-5b4a-8bd4-0a26e8d0fe35", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d86cb15a-9465-574c-9963-9e90bd278d26", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f209e23b-1738-5955-ab1d-0ec7ab22e2f4", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3dfa118e-0354-5b7b-9052-6fbc6b63e9f5", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }, { "bom-ref": "urn:uuid:196913ef-f864-5dd4-b78e-7286f2577771", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.5 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.5" } ] }