{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a2858de4-648d-5f31-8a5e-bbd2585b5843", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.0.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:43126ebd-5ab1-56da-b42c-c261f7d3cc31", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20cc4934-98e5-5e0b-8fa1-484ce6b636ff", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96e7afa3-1d8a-56f4-9af5-a4d59eb8107c", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c9f21b0-c83e-55ed-ab39-0d9cf938ce18", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52466ac8-4531-5a63-9db5-53bb01ba5630", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9bbca60-3dca-5d1b-b14f-3f98abc88ba4", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37e7ed7e-3a31-5042-88ad-d85b3e35f094", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5ab1672-8021-594f-8925-6a8a5caae875", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cd2a35f-f56b-5fef-befc-c38c5efe7a98", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:816dcd65-ae91-5226-b1ee-28d01a339d3b", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01e47b1-03a4-56ea-901a-e2b44a6b5513", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4231f9e7-9f1c-5ed4-9a60-130df6563dab", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d55a4966-e14f-56cb-8e7a-57ccd96c1d55", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-messaging 4.0.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0329d09e-5475-54bf-89ef-a8148a8844ed", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37b7e272-6938-562e-9b37-4f9f046d10b7", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:982802e7-8dd4-57c5-a9a2-a5423ce0c590", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74795d6c-848f-503b-88eb-dda5fb5829ad", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6929611-52b1-500e-8a36-b6a466d28976", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e0707e7-c7b5-528f-a76d-376879526b2f", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82192100-9779-5d0b-b69b-a2abd1c49777", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67bdcfd2-5b07-5a2b-8073-109243de6cd2", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28ac9547-d688-587a-acff-8fad08795b45", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:baa0b396-a798-57a6-ad2f-b0e8658bf1f0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79f02e67-8570-5f13-a0b2-093dcf3c1a26", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de4d6ad6-c681-5ea5-bb0c-b0e83d186574", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8c795e1-f80c-5a42-a41d-6dd05414114f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14467de3-00c9-5d74-9e46-e6ea088635fd", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42c8ddfe-e795-5738-a783-c563f5dcba66", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfbc8eb0-f38b-5a8d-8cf4-e699cb7d9bb2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b27387cd-2540-5757-ad3e-46fe9d9d4eb9", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58abadf2-d871-5eaf-a0ae-d8392141b078", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1debbdc1-e124-5956-a7e7-ca7b1e1bd3a0", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:532d284d-b7c9-5bae-b7b6-a90a2b6ee7bf", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbecbcc0-508a-5b76-ae21-9e606bf7adde", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94e5cf56-f1ed-5df4-b59f-135ba799440f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a4a0145-1d95-5667-bbbe-fb66b6f1b05c", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccbc8a6e-4c46-54cc-ab3b-f23e94bb6edf", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b658c98a-b934-5db7-a7cf-6e609e45731c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab6ea2b9-30af-5236-b5e4-468580974406", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80bd281c-b09c-5fc0-8fdd-4d150996519e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.2" } ] }