{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3af72e69-bf95-5ecd-88c2-1b70ba9a581a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:41709b6c-bb9e-5d3e-9277-f71870fa6ee4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c381396-681b-55e3-8845-da702339c74a", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c083f67-4cff-5ebe-be36-df1faf8c59bb", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab416fe1-a488-51a7-9339-75ef7bec7474", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a884ae2c-e22e-51a3-96a4-3e585a9d4ab1", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a63b2701-e27b-5444-9c06-51e44504b433", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f1380cc-6802-5c9b-b032-4b8ee4cc9caa", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9c9f31d-53cb-55d2-b2a6-b785dd64f721", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bcc540d-b78d-5efd-9a28-23c5dddf828b", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ca3f9c0-dee3-5d87-90d5-a0acf01e6462", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0acd6f0d-7df1-55f2-89cf-ab86004d55fc", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f3e421f-40e6-52eb-bc7e-53f46d10638c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09397038-54a1-5464-987f-b412bdba2cba", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:773b9fa3-0208-5c81-b2cf-480ea3dc549f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a1c5586-ee72-5158-ae0c-289dbaae94ca", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cc35706-ea55-55d5-bc24-706d427fd631", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5385043d-fbb6-52b5-a4b7-a49511c52615", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f95f717f-9a42-5da2-b543-94d88abb29d1", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df24f275-b3e6-529d-b04c-335074218abe", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4589a92-f615-5e29-9213-df0d8ef1a372", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a93b7719-9570-5772-9567-47781fff3a91", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3c328a9-1a2a-5342-aa5b-5fa3547c1157", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jms 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6e1b76f-2fcf-5e55-9c59-b772961ad8ff", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a7e223b-0db4-5201-afbd-c32de0ef2b71", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ba9ece2-f0ab-56a3-b982-19feaf7479da", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:050b133b-abb2-5255-828f-8400f9ff471b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18cbceb0-d4f4-5304-9762-ae59a31f83ce", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.7-tuxcare.2" } ] }