{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a161619-517e-504a-a463-431e93124a4f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.39.tuxcare.6", "purl": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ec1d81a0-6475-5ad1-bc96-a81817eadfa7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3dd78ee8-066d-581e-8e85-6b0e864c4ac0", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a9c71933-5a3c-5a6f-ad93-5dc01fb89079", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d383216-af49-554b-be5a-204556d49614", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6ce7d12c-c68c-5928-b847-f541882de69b", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b4fe3827-cafa-5da5-a85f-3eb2763c9eda", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:74262f33-2705-5b45-8e40-54f34ba8f493", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.39.tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:673471b9-90af-5693-8ba7-3551c82f4968", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:419fbcc8-e703-5a07-b002-51e0eb13fccd", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:644a84d8-7a10-5989-846c-ff3dc8dfca24", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82b0d0d3-9a1c-5c69-a9fa-2cb5d8a5771f", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3175246c-8270-5ea4-8072-ebce31317bb3", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.39.tuxcare.6 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.39.tuxcare.6" } ] }