{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9f7ec544-f581-531f-a747-c17bb978d7b5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ac01bb4e-e60f-54ab-bbef-4a5f7861a944", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecbf297a-5c8d-5849-8f0f-8341e9b1bc94", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a17151a3-7b1c-5bca-b8f8-ff2ef03369e9", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be448411-6067-553f-9793-b0099cbb2874", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1e55c40-351e-5019-8f7f-7035c386da24", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee9043fb-7637-53d1-bc50-103f022edf3d", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6c1706e-b4ce-5f8b-afd3-d8de5aefa9fe", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea0e971e-89d0-50d6-bf4f-5160fbbb0891", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1d95853-5cbc-51c6-b535-4715a609dec3", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5a2cf53-cc1f-50d6-84ff-4d69ba96b855", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:658e71cc-0047-5a16-ab60-289f57164124", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:539aa728-48f6-556b-a274-46a6079533ad", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0457ff-d2cc-556a-97bc-7501e19c4860", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6949f17f-c3c0-5e82-a3a7-0e41e53095a2", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbc58cd3-f1fd-5e43-a931-de37b344ef99", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f4020e7-b7e7-53e6-a8f9-bc0fbaf2b7f7", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19efa3de-febf-52a4-bc9d-7e0ddfbaad5c", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:766cbd2f-9f73-5e08-bc1f-4f9398abe9a8", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ac62107-fab9-5eda-b128-c271302811fb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70d523f7-121b-59b2-bd1a-ceb61b344867", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e0b0a7f-f51b-55f7-ae95-fec273b9c7ad", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1955171c-c1ee-5ef1-b8b1-7d5cd9532b3f", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:297180c7-f2c9-5229-bd56-273fc51fb0a9", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d729fcfb-7c80-53a2-99bf-54ad91bcb5bc", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f17d7e5e-378b-541a-a56e-06ddb12a34ec", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba163d47-e03b-5082-b82c-1bf54e472074", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a696946-d737-58b0-b98d-f649d22f0052", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46b8e0fa-86e6-5fd6-a8e2-7485826fe925", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11b16416-1f49-5ab3-bc9c-8bef3759bda7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.1.7.RELEASE-tuxcare.1" } ] }