{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:721eab70-5656-5651-90a8-f52eb5e504d8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cb9ac67d-82d9-5aae-8a70-2134ce2c2ee2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:399fcf03-f4ec-5fc6-8e97-d809ec784d38", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae444840-8540-5eb1-922f-259727ae6d28", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:941f7645-4431-55f7-94f8-a80e180c533e", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd74f5f0-ef26-5ca1-9335-9e6763340cea", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:688af37d-a44a-5c0f-80e7-6c26311824a6", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1108fcb9-4670-59c8-8fb7-fdc0b6ee5a1b", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:888a73be-a102-5d2f-a9dc-f3ee0d127e18", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3000a469-0cd8-513a-869b-a6320e45b304", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa6f7894-36b9-5d35-893c-3d5ba427a678", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d082507b-c8ce-58d4-952c-54886181f7cd", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:392e5838-312c-58da-9ced-bd7d9ca1409e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8197edbc-1766-531f-a70b-ed65ab50af8b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0abea65-cbe0-56d4-b933-8e3478d8c194", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d3585f6-5a06-52cb-880b-9746b35c2fb6", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b76c9672-4a37-54b4-9a70-8957560e25fa", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbba911d-6d7a-5a9d-b649-b89d6c316a01", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14d5dee2-62c9-5e1a-ada9-9189c95bf336", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:870edb51-1bef-50ee-8900-d67168b0bb2d", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc12d4c7-e98f-50f4-8aaf-3747c35d12ff", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15ad4dbf-7604-501b-ae1d-c93755a13ac0", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ace03e98-4ee0-5201-aa1d-d5098c72a466", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e762abec-ff20-515f-bd78-e537ab830759", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cf93639-ed07-5153-86cb-62dfae003913", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a9f5594-f384-5a34-a892-0b55f9704503", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }