{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:01772d35-07e5-5b13-a459-075dfba73071", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.1.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fa5bb627-ae5b-57fd-8a25-d544c65592f4", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f555ccb3-5751-5834-b5a8-92b3cd5d53e5", "id": "CVE-2020-5398", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5398 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cfc559c-986b-5f23-8979-1dfceaeefcbb", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1cc22d5-4436-546a-954a-fc817d17c9ef", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a167f960-bc6d-5209-9efa-73cbe12fbd8c", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6f94e7e-c20e-59f8-a1cd-cd7316a34c34", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21092b38-c74c-5f8b-ab12-160e10b5691d", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:084f176a-8d40-5f35-a126-f1e7b5c77521", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9343dbb-c8c6-5002-b132-e00d2254d166", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37529651-d1ad-59a0-b437-ba3ee3ecbd21", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2e8c231-c28c-5c2b-81b0-919fae46bf4c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:249b0a62-48c4-5a1e-bac9-dc6e381ae695", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90b63087-5a2a-5d9f-a035-e967e2cd28b4", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10b24e18-573d-5910-acdf-16ed6463be12", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0b0b74-5667-5dc7-a583-e5909fe18e5f", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:573a7e80-7b46-5de7-a286-d8ef61e7ff1f", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89c5cc1b-cac5-5e1e-8cf6-7253c2b07d48", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.1.5.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a4ea496-7125-5ff7-8a9e-2f3729e75ac0", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37ab94d6-fcf8-50c7-8f9b-c21461df94c3", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56d569fe-011d-5c02-af97-9668ad812717", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74cd3507-b3f3-5b0f-9e8a-d676ade5c0b7", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c7fcc01-8814-5e09-a5e6-8f6f0e0f7207", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1996e294-72cc-545a-8241-ada9ef5c4e78", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25349188-5a17-59b3-849d-1174c2472fb9", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fec083e8-d07d-5c7f-a3c1-4111c86f6d3d", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.1.5.RELEASE-tuxcare.1" } ] }