{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:846ce35a-21e7-5878-8163-f097afa86706", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.0.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e13ab3f-ce47-5e72-96ad-3f4dacab8e9a", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afbcc2e8-d93b-5ced-883b-72d08e1b2c0b", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:490d24e1-c51e-539c-ba98-fe198881fa13", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a836d4c-7b3b-56ba-992f-043190521c49", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da44896d-622b-55c8-be67-9e68d7f1e2d4", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fa2061e-681f-5d35-8bc4-7344369a2829", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:508eb861-beb9-5c09-ad8c-d3209de8ed69", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab6ab7ff-f493-5f7b-be59-34cfbc75b475", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a152ec6b-c674-5e01-81de-a3a53fc4eed8", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e24e25a8-3e38-5f67-98ef-b0b8f7b42293", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02dae5d3-08cb-5445-bc45-b1521eaad57a", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d443216-4a7b-5c3f-a821-907cc2e256ac", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2cba597-9bf6-54e9-99d0-39b39385ee2e", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-messaging 4.0.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:885e455d-f72a-504c-b793-2bbcbd65e3d1", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8ea2ddd-aa06-57a6-a3cb-a793c8f2004a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2649b794-a905-568d-99bb-4c3539c6600b", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:704e6b2f-69a7-5598-aecb-0db889c23603", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98cd5951-aa0e-597b-b452-a18ee53cc3ce", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70d86637-e121-5d53-a0e3-cac31938ba5e", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3bf6d1a-59a1-5f07-9253-162f333a898e", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd57da0f-43ca-5418-940c-90228f22d878", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a2abcd8-8c2b-5f2e-8b53-3c4b98a50017", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca5b1906-c182-5c79-98e4-ee1f13172766", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bdd4132-f4fb-593e-a0fe-4020c5f1f69f", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b999976e-040d-5c87-9f5e-4f35f791b127", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:753d3913-b6ce-51ea-9d85-29da8d2154ae", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b296b82-93b0-5f91-8842-e7212e49f6a0", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:568c0efe-7b47-5af2-9751-fac42d2ace30", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8128ca3b-6e09-5850-bbae-76631f2ab738", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a29d236-7a9f-59f5-855d-757a8729ec43", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffbe720d-4bff-5f6a-be72-9324624afc6f", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fb68204-889f-5281-b914-d6f9784643b5", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba0f419d-8a1c-564c-8042-4313c34b2f38", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df82ae7a-cef3-505b-8d31-257055b33b82", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5231bdf-95d1-5f16-ad78-342baae6674b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1189f8c4-522f-50ea-a0f3-387cb33d28a3", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67e11d6d-d80b-5474-968a-fc096f00d845", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4237dd12-5fbd-541d-a102-84b84427b14e", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:125067d9-3349-5a5a-907a-4581bc50ebdd", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85f010ef-7119-52b7-b445-6f727feb16b4", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.0.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.1" } ] }