{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d76fea64-d411-5aab-a6a3-b1247e96f0eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe753e68-32ad-5f11-a7e7-e754394ba35c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ce0adb0-1942-55e7-8352-2137490bf0c1", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2adbad72-0b69-5b6a-857a-0baf493da144", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b005a29-e7cf-5b48-8cbf-1b6c11c2e790", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c8dfe97-db5f-5661-918d-dfbd9ce4047e", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f735dcc-0a41-52ef-b1a5-0f5200d44a97", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8eb39591-1ae7-5ab4-a6ff-fefc70b967db", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1a58bab-5a61-56d2-b9eb-5dd3f7e77e26", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e94bc3b-5204-5120-a021-4c58b69ca6f9", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0a80a8d-a2d3-5e1d-a812-157f69d6384d", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:717e8707-4bfb-5d00-aef1-a26474e14d4e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:343035da-e69d-5fd4-8e7e-c57f3748e755", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73b4f053-78b2-56f4-8055-91caa09ae273", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5214ab6e-9d1f-5dd0-8b66-16e6b9f93a34", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd8ec350-eba2-5d2d-9eea-3efa16306a9f", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50576762-52a8-534c-921e-53de2a7e87df", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8eb9d32-858e-5935-9698-9e6aec0af0f6", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d1f4575-34d9-5a79-a5ff-eaadfe0149b5", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cacb534-ef03-5a1e-a34c-f261130b20a7", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bd31e07-35fc-5e3b-baee-ed1b68eb0edd", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fee8adb6-e72b-5602-8611-2c459690c713", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6e77002-1a9d-5a01-b1e5-572f2eae6b2f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f8920fa-ad5c-5eed-bd31-f5b492e7e05f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acf71e3a-2d8a-55c9-a4a0-8ff75cf36c69", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97e46dda-a1f3-570e-a6f1-811850913d0b", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.3.30.RELEASE-tuxcare.2" } ] }