{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bfcd2151-9fd0-5583-ae59-6001e064e48a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2aa255b5-6a8f-5ece-90c8-1115c543d8a1", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b2f4f5b-b773-5853-b3e6-1b520f94b5f0", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bd97f9c-4c48-5fcc-a1d7-2f0ae9911a33", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5802d889-f3ac-5ee0-9982-277b34a83f45", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9babc5f9-a40e-5d71-9027-3142d977610b", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:343da517-eccb-5c35-9d1a-b4836c2beeb7", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bf9d09e-df0f-59b5-9f23-b4c31f02323d", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c774447-dbc8-522b-b5d6-799b6a99028c", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a154084c-723e-54e4-a0aa-b4c629b61562", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84e72f18-8566-59a3-80d4-f0ab097faf0a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2816f885-7005-5714-8abb-813fbf7f9ee8", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766bd15c-493e-5b41-976a-1eaf648f69c1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae988da0-3b08-5caf-b03a-855f47b17c67", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82fe8d57-9b16-5e3a-9069-3da663835bb1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca82423b-279a-5388-9787-5666374c6a7f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce158aef-1313-57d4-83a6-edd6efc9cba1", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a06c6ca1-fa36-5302-92b8-9b39f05d34ce", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33d92c87-6ea3-5b02-b0f0-f63c297112e0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9053cf9-c0c7-57c2-847c-1ad67476ef2b", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f0c5cd3-d47e-54c9-b65f-b887eae08748", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:032f67c8-21a4-52e2-8d7c-a5c25eb39d8e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06653b5f-f591-5e51-b965-770c8bf54c06", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db9dd4d9-7a9f-58d1-95f1-fae356c611ca", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9929f685-a6ec-5ba7-bb4a-ed1213950cb5", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:912db08b-15c0-5d32-a227-335f00c6e2b3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }