{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:615f27c6-6417-5a88-bb2a-19b67b23f61d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e18e5bd0-61df-5787-a0c1-08f2ebeb4ff4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6abfd5b5-f7e2-5181-beba-b0f4d5ab8407", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c775e0f5-9503-5403-859e-7ee7990ef459", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f2822d-d2a6-5920-b2a6-1634d70e8d02", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d597bd4-3508-5064-86ea-717261d6dbee", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3e10c84-4f61-5bcc-a947-d3b40abb5a28", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02d6a459-54a8-57e1-978c-0f2359661361", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:829085f3-87ea-5c65-a7ef-bc25f7ea9cfa", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b866ce8-3cb6-5375-aa03-e009ab7f265d", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f57a9a-1458-5a5d-85b1-ced62c7a9870", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:703df5ff-f88f-5888-9581-064f09e18e0b", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5590556-7200-5f0e-a278-b2e9bd8766fd", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83b71517-005a-593e-9528-9f5f2769a4e4", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77683c73-08ca-5ae6-adf7-1b11827b5833", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0808c37c-b153-57d7-88e2-4c5a8397c6d0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5155821c-4367-5d71-b86d-78f89c869fd8", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b77e13f4-05f3-5391-a5df-7616d93002c1", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022e2d06-6080-5348-84db-2329e952f9bf", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6d6ee97-e758-5fca-9c10-1eb1286fbaa9", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e43a1371-0a99-5614-b3c4-4dda80691016", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc4788a3-ba5c-51c3-9778-f69d1d9ee74e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bed98e51-7a48-5384-bc56-7ef37b696548", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a75455c3-b6d7-5d08-bc79-e598ef948167", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64dec058-81f2-5587-912e-6a184ec6dae3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b10225d-a243-5f4c-9f03-2ce399ff7578", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:363bf544-17dd-5304-8ae0-17ddb708109c", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e1f0189-b2e1-5e27-936c-1c76a2113952", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.1" } ] }