{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:742d1599-e5dd-5064-9c75-63a5e120c3a5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.3.30.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fba92c07-1453-516c-af55-5d454289100d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dece6f18-0f69-5b9e-857d-11a803125c27", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83cda519-bf26-5388-9217-54c72121d0b7", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f149a075-7811-503a-872b-779baff4ca58", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2db3de83-b704-5e5e-9bd8-f360792b3899", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b6ef961-0e49-5ef2-961e-013c59eb9ed0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c07d9c90-90c5-5251-b386-a677bc141cda", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecf2e5fc-01e6-571a-b3d5-daa4996badd1", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc7d5c5e-434d-52ec-90db-8831b8940840", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d04211c-b7a1-54a5-b08d-404432de472d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bab7b2a-4563-50e2-abad-6e517dadf911", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d80f35c-7814-5add-8bf6-b8d8cff228fb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cac8d9ea-e5ec-5559-83c3-418c7e7ac4d8", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dba5ba25-337f-5bfd-99d3-de06042a0a7b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fbeb0b3-5bfd-5f3a-95f4-0f09ea785cc6", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4be79b7-7886-5e85-beb5-1b999d4b3c7c", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a9427e1-bac1-5607-bf2d-fcccc69cc8e2", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:724af26f-1904-5d4e-93f3-6ebdd1e79ba6", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1ce153f-1868-538e-99e8-27980725ef0f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1122aa7c-0e73-5cb1-a5a1-4c223e6493db", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5ca298e-49d5-5ee5-b7f4-7cffb486da3d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a64c61b7-6ecd-54c8-bb9d-32fc4d60ec4d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ac828f3-1f73-5896-8ea7-cd2c399bca48", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3317e6d-c806-515b-be62-88ee89511396", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a46fc21-36f4-5522-896a-2b0be73d04fe", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.3.30.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.1" } ] }